Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

0.2.15 changes #461

Merged
merged 6 commits into from
Dec 19, 2023
Merged

0.2.15 changes #461

merged 6 commits into from
Dec 19, 2023

Conversation

norrisjeremy
Copy link
Contributor

@norrisjeremy norrisjeremy commented Dec 18, 2023

  • Adjust maven workflow to split unit & integrations into separate steps so that they can be executed via direct mojo calls and thus avoiding potentially reexecuting prior phases.
    -- Revert ee39336 since it doesn't seem to work with Github's CI runner.
  • Integrate Forbidden API Checker and resolve issues it flagged.
  • Is jsch affected by the Terrapin attack? #457 address CVE-2023-48795 by adding support for new strict key exchange extension.
    -- This change introduces two new config options to control usage of the new strict key exchange extension:
    --- enable_strict_kex (set to yes by default)
    --- require_strict_kex (set to no by default)
    -- If either option (or both) is enabled, then JSch will attempt to use the new strict key exchange extension.
    --- If the require_strict_kex option is enabled and JSch detects the server does not support it, then JSch will terminate the connection and throw an exception.
    --- If the require_strict_kex option is not enabled and JSch detects the server does not support it, then JSch will fallback and proceed with the connection without using the new extension.
    --- This gives users the ability to enable a strong security posture if needed and avoid proceeding with connections to potentially insecure servers.
  • Is jsch affected by the Terrapin attack? #457 add integration tests for new strict key exchange extension.
  • Add support for [email protected] extension.
    -- This change introduces a new config option to control usage of the new [email protected]:
    --- enable_ext_info_in_auth (set to yes by default)

@norrisjeremy
Copy link
Contributor Author

FYI, I can add more extensive unit tests once OpenSSH 9.6 is available in Alpine Linux so that we can use it as a TestContainer.
I have locally built OpenSSH 9.6 and executed my preliminary integration test against it and it appears to work.

@mwiede
Copy link
Owner

mwiede commented Dec 18, 2023

Very good, the https://github.com/RUB-NDS/Terrapin-Scanner)[https://github.com/RUB-NDS/Terrapin-Scanner/releases/tag/v1.0.2 reports the following for connecting from the new code:

$ ./Terrapin_Scanner_Linux_amd64 --listen 0.0.0.0:2222
Listening for incoming client connection on 0.0.0.0:2222
================================================================================
==================================== Report ====================================
================================================================================

Remote Banner: SSH-2.0-JSCH_0.2.15_SNAPSHOT

ChaCha20-Poly1305 support:   false
CBC-EtM support:             false

Strict key exchange support: true

==> The scanned peer supports Terrapin mitigations and can establish
    connections that are NOT VULNERABLE to Terrapin. Glad to see this.
    For strict key exchange to take effect, both peers must support it.

Note: This tool is provided as is, with no warranty whatsoever. It determines
      the vulnerability of a peer by checking the supported algorithms and
      support for strict key exchange. It may falsely claim a peer to be
      vulnerable if the vendor supports countermeasures other than strict key
      exchange.

For more details visit our website available at https://terrapin-attack.com

@BernhardGruen
Copy link

Much appreciated thank you for your fast fix @norrisjeremy

FYI, I can add more extensive unit tests once OpenSSH 9.6 is available in Alpine Linux so that we can use it as a TestContainer. I have locally built OpenSSH 9.6 and executed my preliminary integration test against it and it appears to work.

Alpine Linux also just released OpenSSH 9.6 for edge. The 3.19 branch got the upgrade too.

@mwiede mwiede merged commit 02f89c8 into mwiede:master Dec 19, 2023
5 checks passed
@norrisjeremy norrisjeremy deleted the 20231218 branch December 19, 2023 17:27
renovate bot referenced this pull request in sheldonhull/az-pr Dec 25, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/crypto | `v0.16.0` -> `v0.17.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fcrypto/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fcrypto/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fcrypto/v0.16.0/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fcrypto/v0.16.0/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

copilot:all

### GitHub Vulnerability Alerts

####
[CVE-2023-48795](https://togithub.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8)

### Summary

Terrapin is a prefix truncation attack targeting the SSH protocol. More
precisely, Terrapin breaks the integrity of SSH's secure channel. By
carefully adjusting the sequence numbers during the handshake, an
attacker can remove an arbitrary amount of messages sent by the client
or server at the beginning of the secure channel without the client or
server noticing it.

### Mitigations

To mitigate this protocol vulnerability, OpenSSH suggested a so-called
"strict kex" which alters the SSH handshake to ensure a
Man-in-the-Middle attacker cannot introduce unauthenticated messages as
well as convey sequence number manipulation across handshakes.

**Warning: To take effect, both the client and server must support this
countermeasure.**

As a stop-gap measure, peers may also (temporarily) disable the affected
algorithms and use unaffected alternatives like AES-GCM instead until
patches are available.

### Details

The SSH specifications of ChaCha20-Poly1305
(chacha20-poly1305@​openssh.com) and Encrypt-then-MAC
(*[email protected] MACs) are vulnerable against an arbitrary prefix
truncation attack (a.k.a. Terrapin attack). This allows for an extension
negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the
first message after SSH_MSG_NEWKEYS, downgrading security, and disabling
attack countermeasures in some versions of OpenSSH. When targeting
Encrypt-then-MAC, this attack requires the use of a CBC cipher to be
practically exploitable due to the internal workings of the cipher mode.
Additionally, this novel attack technique can be used to exploit
previously unexploitable implementation flaws in a Man-in-the-Middle
scenario.

The attack works by an attacker injecting an arbitrary number of
SSH_MSG_IGNORE messages during the initial key exchange and consequently
removing the same number of messages just after the initial key exchange
has concluded. This is possible due to missing authentication of the
excess SSH_MSG_IGNORE messages and the fact that the implicit sequence
numbers used within the SSH protocol are only checked after the initial
key exchange.

In the case of ChaCha20-Poly1305, the attack is guaranteed to work on
every connection as this cipher does not maintain an internal state
other than the message's sequence number. In the case of
Encrypt-Then-MAC, practical exploitation requires the use of a CBC
cipher; while theoretical integrity is broken for all ciphers when using
this mode, message processing will fail at the application layer for CTR
and stream ciphers.

For more details see
[https://terrapin-attack.com](https://terrapin-attack.com).

### Impact

This attack targets the specification of ChaCha20-Poly1305
(chacha20-poly1305@​openssh.com) and Encrypt-then-MAC
(*[email protected]), which are widely adopted by well-known SSH
implementations and can be considered de-facto standard. These
algorithms can be practically exploited; however, in the case of
Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a
consequence, this attack works against all well-behaving SSH
implementations supporting either of those algorithms and can be used to
downgrade (but not fully strip) connection security in case SSH
extension negotiation (RFC8308) is supported. The attack may also enable
attackers to exploit certain implementation flaws in a man-in-the-middle
(MitM) scenario.

---

### Prefix Truncation Attack against ChaCha20-Poly1305 and
Encrypt-then-MAC aka Terrapin
[CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795) /
[GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
/ [GO-2023-2402](https://pkg.go.dev/vuln/GO-2023-2402)

<details>
<summary>More information</summary>

#### Details
##### Summary

Terrapin is a prefix truncation attack targeting the SSH protocol. More
precisely, Terrapin breaks the integrity of SSH's secure channel. By
carefully adjusting the sequence numbers during the handshake, an
attacker can remove an arbitrary amount of messages sent by the client
or server at the beginning of the secure channel without the client or
server noticing it.

##### Mitigations

To mitigate this protocol vulnerability, OpenSSH suggested a so-called
"strict kex" which alters the SSH handshake to ensure a
Man-in-the-Middle attacker cannot introduce unauthenticated messages as
well as convey sequence number manipulation across handshakes.

**Warning: To take effect, both the client and server must support this
countermeasure.**

As a stop-gap measure, peers may also (temporarily) disable the affected
algorithms and use unaffected alternatives like AES-GCM instead until
patches are available.

##### Details

The SSH specifications of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected] MACs) are vulnerable against an arbitrary prefix
truncation attack (a.k.a. Terrapin attack). This allows for an extension
negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the
first message after SSH_MSG_NEWKEYS, downgrading security, and disabling
attack countermeasures in some versions of OpenSSH. When targeting
Encrypt-then-MAC, this attack requires the use of a CBC cipher to be
practically exploitable due to the internal workings of the cipher mode.
Additionally, this novel attack technique can be used to exploit
previously unexploitable implementation flaws in a Man-in-the-Middle
scenario.

The attack works by an attacker injecting an arbitrary number of
SSH_MSG_IGNORE messages during the initial key exchange and consequently
removing the same number of messages just after the initial key exchange
has concluded. This is possible due to missing authentication of the
excess SSH_MSG_IGNORE messages and the fact that the implicit sequence
numbers used within the SSH protocol are only checked after the initial
key exchange.

In the case of ChaCha20-Poly1305, the attack is guaranteed to work on
every connection as this cipher does not maintain an internal state
other than the message's sequence number. In the case of
Encrypt-Then-MAC, practical exploitation requires the use of a CBC
cipher; while theoretical integrity is broken for all ciphers when using
this mode, message processing will fail at the application layer for CTR
and stream ciphers.

For more details see
[https://terrapin-attack.com](https://terrapin-attack.com).

##### Impact

This attack targets the specification of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected]), which are widely adopted by well-known SSH
implementations and can be considered de-facto standard. These
algorithms can be practically exploited; however, in the case of
Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a
consequence, this attack works against all well-behaving SSH
implementations supporting either of those algorithms and can be used to
downgrade (but not fully strip) connection security in case SSH
extension negotiation (RFC8308) is supported. The attack may also enable
attackers to exploit certain implementation flaws in a man-in-the-middle
(MitM) scenario.

#### Severity
- CVSS Score: 5.9 / 10 (Medium)
- Vector String: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N`

#### References
-
[https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8](https://togithub.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8)
-
[https://nvd.nist.gov/vuln/detail/CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795)
-
[https://github.com/apache/mina-sshd/issues/445](https://togithub.com/apache/mina-sshd/issues/445)
-
[https://github.com/hierynomus/sshj/issues/916](https://togithub.com/hierynomus/sshj/issues/916)
-
[https://github.com/janmojzis/tinyssh/issues/81](https://togithub.com/janmojzis/tinyssh/issues/81)
-
[https://github.com/mwiede/jsch/issues/457](https://togithub.com/mwiede/jsch/issues/457)
-
[https://github.com/paramiko/paramiko/issues/2337](https://togithub.com/paramiko/paramiko/issues/2337)
-
[https://github.com/proftpd/proftpd/issues/456](https://togithub.com/proftpd/proftpd/issues/456)
-
[https://github.com/NixOS/nixpkgs/pull/275249](https://togithub.com/NixOS/nixpkgs/pull/275249)
-
[https://github.com/libssh2/libssh2/pull/1291](https://togithub.com/libssh2/libssh2/pull/1291)
-
[https://github.com/mwiede/jsch/pull/461](https://togithub.com/mwiede/jsch/pull/461)
-
[https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0](https://togithub.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0)
-
[https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab](https://togithub.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab)
-
[https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d](https://togithub.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d)
-
[https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5](https://togithub.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5)
-
[https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3](https://togithub.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3)
-
[https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951](https://togithub.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951)
-
[https://access.redhat.com/security/cve/cve-2023-48795](https://access.redhat.com/security/cve/cve-2023-48795)
-
[https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/](https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/)
- [https://bugs.gentoo.org/920280](https://bugs.gentoo.org/920280)
-
[https://bugzilla.redhat.com/show_bug.cgi?id=2254210](https://bugzilla.redhat.com/show_bug.cgi?id=2254210)
-
[https://bugzilla.suse.com/show_bug.cgi?id=1217950](https://bugzilla.suse.com/show_bug.cgi?id=1217950)
-
[https://crates.io/crates/thrussh/versions](https://crates.io/crates/thrussh/versions)
-
[https://forum.netgate.com/topic/184941/terrapin-ssh-attack](https://forum.netgate.com/topic/184941/terrapin-ssh-attack)
-
[https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6](https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6)
-
[https://github.com/TeraTermProject/teraterm/releases/tag/v5.1](https://togithub.com/TeraTermProject/teraterm/releases/tag/v5.1)
-
[https://github.com/advisories/GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
-
[https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22](https://togithub.com/connectbot/sshlib/compare/2.2.21...2.2.22)
-
[https://github.com/drakkan/sftpgo/releases/tag/v2.5.6](https://togithub.com/drakkan/sftpgo/releases/tag/v2.5.6)
-
[https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42](https://togithub.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42)
-
[https://github.com/erlang/otp/releases/tag/OTP-26.2.1](https://togithub.com/erlang/otp/releases/tag/OTP-26.2.1)
-
[https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25](https://togithub.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25)
-
[https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15](https://togithub.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15)
-
[https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16](https://togithub.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16)
-
[https://github.com/openssh/openssh-portable/commits/master](https://togithub.com/openssh/openssh-portable/commits/master)
-
[https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES)
-
[https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES)
-
[https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/master/RELEASE_NOTES)
-
[https://github.com/rapier1/hpn-ssh/releases](https://togithub.com/rapier1/hpn-ssh/releases)
-
[https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst](https://togithub.com/ronf/asyncssh/blob/develop/docs/changes.rst)
-
[https://github.com/ronf/asyncssh/tags](https://togithub.com/ronf/asyncssh/tags)
-
[https://github.com/warp-tech/russh](https://togithub.com/warp-tech/russh)
-
[https://github.com/warp-tech/russh/releases/tag/v0.40.2](https://togithub.com/warp-tech/russh/releases/tag/v0.40.2)
-
[https://gitlab.com/libssh/libssh-mirror/-/tags](https://gitlab.com/libssh/libssh-mirror/-/tags)
- [https://go.dev/cl/550715](https://go.dev/cl/550715)
- [https://go.dev/issue/64784](https://go.dev/issue/64784)
-
[https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ](https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ)
-
[https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg](https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg)
-
[https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/](https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/)
-
[https://matt.ucc.asn.au/dropbear/CHANGES](https://matt.ucc.asn.au/dropbear/CHANGES)
-
[https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC](https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC)
-
[https://news.ycombinator.com/item?id=38684904](https://news.ycombinator.com/item?id=38684904)
-
[https://news.ycombinator.com/item?id=38685286](https://news.ycombinator.com/item?id=38685286)
-
[https://oryx-embedded.com/download/#changelog](https://oryx-embedded.com/download/#changelog)
-
[https://security-tracker.debian.org/tracker/CVE-2023-48795](https://security-tracker.debian.org/tracker/CVE-2023-48795)
-
[https://security-tracker.debian.org/tracker/source-package/libssh2](https://security-tracker.debian.org/tracker/source-package/libssh2)
-
[https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg](https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg)
-
[https://security-tracker.debian.org/tracker/source-package/trilead-ssh2](https://security-tracker.debian.org/tracker/source-package/trilead-ssh2)
-
[https://thorntech.com/cve-2023-48795-and-sftp-gateway/](https://thorntech.com/cve-2023-48795-and-sftp-gateway/)
-
[https://twitter.com/TrueSkrillor/status/1736774389725565005](https://twitter.com/TrueSkrillor/status/1736774389725565005)
-
[https://ubuntu.com/security/CVE-2023-48795](https://ubuntu.com/security/CVE-2023-48795)
-
[https://www.bitvise.com/ssh-server-version-history](https://www.bitvise.com/ssh-server-version-history)
-
[https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html](https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html)
-
[https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update](https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update)
-
[https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc](https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc)
-
[https://www.netsarang.com/en/xshell-update-history/](https://www.netsarang.com/en/xshell-update-history/)
-
[https://www.openssh.com/openbsd.html](https://www.openssh.com/openbsd.html)
-
[https://www.openssh.com/txt/release-9.6](https://www.openssh.com/txt/release-9.6)
-
[https://www.openwall.com/lists/oss-security/2023/12/18/2](https://www.openwall.com/lists/oss-security/2023/12/18/2)
-
[https://www.openwall.com/lists/oss-security/2023/12/20/3](https://www.openwall.com/lists/oss-security/2023/12/20/3)
-
[https://www.paramiko.org/changelog.html](https://www.paramiko.org/changelog.html)
-
[https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/](https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/)
-
[https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/](https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/)
- [https://www.terrapin-attack.com](https://www.terrapin-attack.com)
-
[http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html](http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html)
-
[http://www.openwall.com/lists/oss-security/2023/12/18/3](http://www.openwall.com/lists/oss-security/2023/12/18/3)
-
[http://www.openwall.com/lists/oss-security/2023/12/19/5](http://www.openwall.com/lists/oss-security/2023/12/19/5)
-
[http://www.openwall.com/lists/oss-security/2023/12/20/3](http://www.openwall.com/lists/oss-security/2023/12/20/3)

This data is provided by
[OSV](https://osv.dev/vulnerability/GHSA-45x7-px36-x8w8) and the [GitHub
Advisory Database](https://togithub.com/github/advisory-database)
([CC-BY
4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).
</details>

---

### Man-in-the-middle attacker can compromise integrity of secure
channel in golang.org/x/crypto
[CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795) /
[GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
/ [GO-2023-2402](https://pkg.go.dev/vuln/GO-2023-2402)

<details>
<summary>More information</summary>

#### Details
A protocol weakness allows a MITM attacker to compromise the integrity
of the secure channel before it is established, allowing the attacker to
prevent transmission of a number of messages immediately after the
secure channel is established without either side being aware.

The impact of this attack is relatively limited, as it does not
compromise confidentiality of the channel. Notably this attack would
allow an attacker to prevent the transmission of the SSH2_MSG_EXT_INFO
message, disabling a handful of newer security features.

This protocol weakness was also fixed in OpenSSH 9.6.

#### Severity
Unknown

#### References
- [https://go.dev/issue/64784](https://go.dev/issue/64784)
- [https://go.dev/cl/550715](https://go.dev/cl/550715)
-
[https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d](https://togithub.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d)
-
[https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg](https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg)
-
[https://www.openssh.com/txt/release-9.6](https://www.openssh.com/txt/release-9.6)

This data is provided by
[OSV](https://osv.dev/vulnerability/GO-2023-2402) and the [Go
Vulnerability Database](https://togithub.com/golang/vulndb) ([CC-BY
4.0](https://togithub.com/golang/vulndb#license)).
</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/sheldonhull/az-pr).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@pacion
Copy link

pacion commented Jan 3, 2024

Can you please provide me supression for owasp xml for the vulnerability CVE-2023-48795? @norrisjeremy

@norrisjeremy
Copy link
Contributor Author

@pacion No thank you.

mend-for-github-com bot referenced this pull request in DelineaXPM/dsv-k8s-sidecar Jan 15, 2024
This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/crypto | `v0.14.0` -> `v0.17.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fcrypto/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fcrypto/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fcrypto/v0.14.0/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fcrypto/v0.14.0/v0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2023-48795](https://togithub.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8)

### Summary

Terrapin is a prefix truncation attack targeting the SSH protocol. More
precisely, Terrapin breaks the integrity of SSH's secure channel. By
carefully adjusting the sequence numbers during the handshake, an
attacker can remove an arbitrary amount of messages sent by the client
or server at the beginning of the secure channel without the client or
server noticing it.

### Mitigations

To mitigate this protocol vulnerability, OpenSSH suggested a so-called
"strict kex" which alters the SSH handshake to ensure a
Man-in-the-Middle attacker cannot introduce unauthenticated messages as
well as convey sequence number manipulation across handshakes.

**Warning: To take effect, both the client and server must support this
countermeasure.**

As a stop-gap measure, peers may also (temporarily) disable the affected
algorithms and use unaffected alternatives like AES-GCM instead until
patches are available.

### Details

The SSH specifications of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected] MACs) are vulnerable against an arbitrary prefix
truncation attack (a.k.a. Terrapin attack). This allows for an extension
negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the
first message after SSH_MSG_NEWKEYS, downgrading security, and disabling
attack countermeasures in some versions of OpenSSH. When targeting
Encrypt-then-MAC, this attack requires the use of a CBC cipher to be
practically exploitable due to the internal workings of the cipher mode.
Additionally, this novel attack technique can be used to exploit
previously unexploitable implementation flaws in a Man-in-the-Middle
scenario.

The attack works by an attacker injecting an arbitrary number of
SSH_MSG_IGNORE messages during the initial key exchange and consequently
removing the same number of messages just after the initial key exchange
has concluded. This is possible due to missing authentication of the
excess SSH_MSG_IGNORE messages and the fact that the implicit sequence
numbers used within the SSH protocol are only checked after the initial
key exchange.

In the case of ChaCha20-Poly1305, the attack is guaranteed to work on
every connection as this cipher does not maintain an internal state
other than the message's sequence number. In the case of
Encrypt-Then-MAC, practical exploitation requires the use of a CBC
cipher; while theoretical integrity is broken for all ciphers when using
this mode, message processing will fail at the application layer for CTR
and stream ciphers.

For more details see
[https://terrapin-attack.com](https://terrapin-attack.com).

### Impact

This attack targets the specification of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected]), which are widely adopted by well-known SSH
implementations and can be considered de-facto standard. These
algorithms can be practically exploited; however, in the case of
Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a
consequence, this attack works against all well-behaving SSH
implementations supporting either of those algorithms and can be used to
downgrade (but not fully strip) connection security in case SSH
extension negotiation (RFC8308) is supported. The attack may also enable
attackers to exploit certain implementation flaws in a man-in-the-middle
(MitM) scenario.

---

### Man-in-the-middle attacker can compromise integrity of secure
channel in golang.org/x/crypto
[CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795) /
[GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
/ [GO-2023-2402](https://pkg.go.dev/vuln/GO-2023-2402)

<details>
<summary>More information</summary>

#### Details
A protocol weakness allows a MITM attacker to compromise the integrity
of the secure channel before it is established, allowing the attacker to
prevent transmission of a number of messages immediately after the
secure channel is established without either side being aware.

The impact of this attack is relatively limited, as it does not
compromise confidentiality of the channel. Notably this attack would
allow an attacker to prevent the transmission of the SSH2_MSG_EXT_INFO
message, disabling a handful of newer security features.

This protocol weakness was also fixed in OpenSSH 9.6.

#### Severity
Unknown

#### References
- [https://go.dev/issue/64784](https://go.dev/issue/64784)
- [https://go.dev/cl/550715](https://go.dev/cl/550715)
-
[https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d](https://togithub.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d)
-
[https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg](https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg)
-
[https://www.openssh.com/txt/release-9.6](https://www.openssh.com/txt/release-9.6)

This data is provided by
[OSV](https://osv.dev/vulnerability/GO-2023-2402) and the [Go
Vulnerability Database](https://togithub.com/golang/vulndb) ([CC-BY
4.0](https://togithub.com/golang/vulndb#license)).
</details>

---

### Prefix Truncation Attack against ChaCha20-Poly1305 and
Encrypt-then-MAC aka Terrapin
[CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795) /
[GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
/ [GO-2023-2402](https://pkg.go.dev/vuln/GO-2023-2402)

<details>
<summary>More information</summary>

#### Details
##### Summary

Terrapin is a prefix truncation attack targeting the SSH protocol. More
precisely, Terrapin breaks the integrity of SSH's secure channel. By
carefully adjusting the sequence numbers during the handshake, an
attacker can remove an arbitrary amount of messages sent by the client
or server at the beginning of the secure channel without the client or
server noticing it.

##### Mitigations

To mitigate this protocol vulnerability, OpenSSH suggested a so-called
"strict kex" which alters the SSH handshake to ensure a
Man-in-the-Middle attacker cannot introduce unauthenticated messages as
well as convey sequence number manipulation across handshakes.

**Warning: To take effect, both the client and server must support this
countermeasure.**

As a stop-gap measure, peers may also (temporarily) disable the affected
algorithms and use unaffected alternatives like AES-GCM instead until
patches are available.

##### Details

The SSH specifications of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected] MACs) are vulnerable against an arbitrary prefix
truncation attack (a.k.a. Terrapin attack). This allows for an extension
negotiation downgrade by stripping the SSH_MSG_EXT_INFO sent after the
first message after SSH_MSG_NEWKEYS, downgrading security, and disabling
attack countermeasures in some versions of OpenSSH. When targeting
Encrypt-then-MAC, this attack requires the use of a CBC cipher to be
practically exploitable due to the internal workings of the cipher mode.
Additionally, this novel attack technique can be used to exploit
previously unexploitable implementation flaws in a Man-in-the-Middle
scenario.

The attack works by an attacker injecting an arbitrary number of
SSH_MSG_IGNORE messages during the initial key exchange and consequently
removing the same number of messages just after the initial key exchange
has concluded. This is possible due to missing authentication of the
excess SSH_MSG_IGNORE messages and the fact that the implicit sequence
numbers used within the SSH protocol are only checked after the initial
key exchange.

In the case of ChaCha20-Poly1305, the attack is guaranteed to work on
every connection as this cipher does not maintain an internal state
other than the message's sequence number. In the case of
Encrypt-Then-MAC, practical exploitation requires the use of a CBC
cipher; while theoretical integrity is broken for all ciphers when using
this mode, message processing will fail at the application layer for CTR
and stream ciphers.

For more details see
[https://terrapin-attack.com](https://terrapin-attack.com).

##### Impact

This attack targets the specification of ChaCha20-Poly1305
(chacha20-poly1305@&#8203;openssh.com) and Encrypt-then-MAC
(*[email protected]), which are widely adopted by well-known SSH
implementations and can be considered de-facto standard. These
algorithms can be practically exploited; however, in the case of
Encrypt-Then-MAC, we additionally require the use of a CBC cipher. As a
consequence, this attack works against all well-behaving SSH
implementations supporting either of those algorithms and can be used to
downgrade (but not fully strip) connection security in case SSH
extension negotiation (RFC8308) is supported. The attack may also enable
attackers to exploit certain implementation flaws in a man-in-the-middle
(MitM) scenario.

#### Severity
- CVSS Score: 5.9 / 10 (Medium)
- Vector String: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N`

#### References
-
[https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8](https://togithub.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8)
-
[https://nvd.nist.gov/vuln/detail/CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795)
-
[https://github.com/PowerShell/Win32-OpenSSH/issues/2189](https://togithub.com/PowerShell/Win32-OpenSSH/issues/2189)
-
[https://github.com/apache/mina-sshd/issues/445](https://togithub.com/apache/mina-sshd/issues/445)
-
[https://github.com/cyd01/KiTTY/issues/520](https://togithub.com/cyd01/KiTTY/issues/520)
-
[https://github.com/hierynomus/sshj/issues/916](https://togithub.com/hierynomus/sshj/issues/916)
-
[https://github.com/janmojzis/tinyssh/issues/81](https://togithub.com/janmojzis/tinyssh/issues/81)
-
[https://github.com/mwiede/jsch/issues/457](https://togithub.com/mwiede/jsch/issues/457)
-
[https://github.com/paramiko/paramiko/issues/2337](https://togithub.com/paramiko/paramiko/issues/2337)
-
[https://github.com/proftpd/proftpd/issues/456](https://togithub.com/proftpd/proftpd/issues/456)
-
[https://github.com/ssh-mitm/ssh-mitm/issues/165](https://togithub.com/ssh-mitm/ssh-mitm/issues/165)
-
[https://github.com/NixOS/nixpkgs/pull/275249](https://togithub.com/NixOS/nixpkgs/pull/275249)
-
[https://github.com/libssh2/libssh2/pull/1291](https://togithub.com/libssh2/libssh2/pull/1291)
-
[https://github.com/mwiede/jsch/pull/461](https://togithub.com/mwiede/jsch/pull/461)
-
[https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0](https://togithub.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0)
-
[https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab](https://togithub.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab)
-
[https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d](https://togithub.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d)
-
[https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5](https://togithub.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5)
-
[https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3](https://togithub.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3)
-
[https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951](https://togithub.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951)
-
[https://access.redhat.com/security/cve/cve-2023-48795](https://access.redhat.com/security/cve/cve-2023-48795)
-
[https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/](https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/)
- [https://bugs.gentoo.org/920280](https://bugs.gentoo.org/920280)
-
[https://bugzilla.redhat.com/show_bug.cgi?id=2254210](https://bugzilla.redhat.com/show_bug.cgi?id=2254210)
-
[https://bugzilla.suse.com/show_bug.cgi?id=1217950](https://bugzilla.suse.com/show_bug.cgi?id=1217950)
-
[https://crates.io/crates/thrussh/versions](https://crates.io/crates/thrussh/versions)
-
[https://filezilla-project.org/versions.php](https://filezilla-project.org/versions.php)
-
[https://forum.netgate.com/topic/184941/terrapin-ssh-attack](https://forum.netgate.com/topic/184941/terrapin-ssh-attack)
-
[https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6](https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6)
-
[https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta](https://togithub.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta)
-
[https://github.com/TeraTermProject/teraterm/releases/tag/v5.1](https://togithub.com/TeraTermProject/teraterm/releases/tag/v5.1)
-
[https://github.com/advisories/GHSA-45x7-px36-x8w8](https://togithub.com/advisories/GHSA-45x7-px36-x8w8)
-
[https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22](https://togithub.com/connectbot/sshlib/compare/2.2.21...2.2.22)
-
[https://github.com/drakkan/sftpgo/releases/tag/v2.5.6](https://togithub.com/drakkan/sftpgo/releases/tag/v2.5.6)
-
[https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42](https://togithub.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42)
-
[https://github.com/erlang/otp/releases/tag/OTP-26.2.1](https://togithub.com/erlang/otp/releases/tag/OTP-26.2.1)
-
[https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25](https://togithub.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25)
-
[https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15](https://togithub.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15)
-
[https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16](https://togithub.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16)
-
[https://github.com/openssh/openssh-portable/commits/master](https://togithub.com/openssh/openssh-portable/commits/master)
-
[https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES)
-
[https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES)
-
[https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES](https://togithub.com/proftpd/proftpd/blob/master/RELEASE_NOTES)
-
[https://github.com/rapier1/hpn-ssh/releases](https://togithub.com/rapier1/hpn-ssh/releases)
-
[https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst](https://togithub.com/ronf/asyncssh/blob/develop/docs/changes.rst)
-
[https://github.com/ronf/asyncssh/tags](https://togithub.com/ronf/asyncssh/tags)
-
[https://github.com/warp-tech/russh](https://togithub.com/warp-tech/russh)
-
[https://github.com/warp-tech/russh/releases/tag/v0.40.2](https://togithub.com/warp-tech/russh/releases/tag/v0.40.2)
-
[https://gitlab.com/libssh/libssh-mirror/-/tags](https://gitlab.com/libssh/libssh-mirror/-/tags)
- [https://go.dev/cl/550715](https://go.dev/cl/550715)
- [https://go.dev/issue/64784](https://go.dev/issue/64784)
-
[https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ](https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ)
-
[https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg](https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg)
-
[https://help.panic.com/releasenotes/transmit5/](https://help.panic.com/releasenotes/transmit5/)
-
[https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/](https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/)
-
[https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html](https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/)
-
[https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/](https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/)
-
[https://matt.ucc.asn.au/dropbear/CHANGES](https://matt.ucc.asn.au/dropbear/CHANGES)
-
[https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC](https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC)
-
[https://news.ycombinator.com/item?id=38684904](https://news.ycombinator.com/item?id=38684904)
-
[https://news.ycombinator.com/item?id=38685286](https://news.ycombinator.com/item?id=38685286)
-
[https://news.ycombinator.com/item?id=38732005](https://news.ycombinator.com/item?id=38732005)
- [https://nova.app/releases/#v11.8](https://nova.app/releases/#v11.8)
-
[https://oryx-embedded.com/download/#changelog](https://oryx-embedded.com/download/#changelog)
-
[https://roumenpetrov.info/secsh/#news20231220](https://roumenpetrov.info/secsh/#news20231220)
-
[https://security-tracker.debian.org/tracker/CVE-2023-48795](https://security-tracker.debian.org/tracker/CVE-2023-48795)
-
[https://security-tracker.debian.org/tracker/source-package/libssh2](https://security-tracker.debian.org/tracker/source-package/libssh2)
-
[https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg](https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg)
-
[https://security-tracker.debian.org/tracker/source-package/trilead-ssh2](https://security-tracker.debian.org/tracker/source-package/trilead-ssh2)
-
[https://security.gentoo.org/glsa/202312-16](https://security.gentoo.org/glsa/202312-16)
-
[https://security.gentoo.org/glsa/202312-17](https://security.gentoo.org/glsa/202312-17)
-
[https://security.netapp.com/advisory/ntap-20240105-0004/](https://security.netapp.com/advisory/ntap-20240105-0004/)
-
[https://thorntech.com/cve-2023-48795-and-sftp-gateway/](https://thorntech.com/cve-2023-48795-and-sftp-gateway/)
-
[https://twitter.com/TrueSkrillor/status/1736774389725565005](https://twitter.com/TrueSkrillor/status/1736774389725565005)
-
[https://ubuntu.com/security/CVE-2023-48795](https://ubuntu.com/security/CVE-2023-48795)
-
[https://winscp.net/eng/docs/history#6.2.2](https://winscp.net/eng/docs/history#6.2.2)
-
[https://www.bitvise.com/ssh-client-version-history#933](https://www.bitvise.com/ssh-client-version-history#933)
-
[https://www.bitvise.com/ssh-server-version-history](https://www.bitvise.com/ssh-server-version-history)
-
[https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html](https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html)
-
[https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update](https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update)
-
[https://www.debian.org/security/2023/dsa-5586](https://www.debian.org/security/2023/dsa-5586)
-
[https://www.debian.org/security/2023/dsa-5588](https://www.debian.org/security/2023/dsa-5588)
-
[https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc](https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc)
-
[https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508](https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508)
-
[https://www.netsarang.com/en/xshell-update-history/](https://www.netsarang.com/en/xshell-update-history/)
-
[https://www.openssh.com/openbsd.html](https://www.openssh.com/openbsd.html)
-
[https://www.openssh.com/txt/release-9.6](https://www.openssh.com/txt/release-9.6)
-
[https://www.openwall.com/lists/oss-security/2023/12/18/2](https://www.openwall.com/lists/oss-security/2023/12/18/2)
-
[https://www.openwall.com/lists/oss-security/2023/12/20/3](https://www.openwall.com/lists/oss-security/2023/12/20/3)
-
[https://www.paramiko.org/changelog.html](https://www.paramiko.org/changelog.html)
-
[https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/](https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/)
-
[https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/](https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/)
- [https://www.terrapin-attack.com](https://www.terrapin-attack.com)
-
[https://www.theregister.com/2023/12/20/terrapin_attack_ssh](https://www.theregister.com/2023/12/20/terrapin_attack_ssh)
-
[https://www.vandyke.com/products/securecrt/history.txt](https://www.vandyke.com/products/securecrt/history.txt)
-
[http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html](http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html)
-
[http://www.openwall.com/lists/oss-security/2023/12/18/3](http://www.openwall.com/lists/oss-security/2023/12/18/3)
-
[http://www.openwall.com/lists/oss-security/2023/12/19/5](http://www.openwall.com/lists/oss-security/2023/12/19/5)
-
[http://www.openwall.com/lists/oss-security/2023/12/20/3](http://www.openwall.com/lists/oss-security/2023/12/20/3)

This data is provided by
[OSV](https://osv.dev/vulnerability/GHSA-45x7-px36-x8w8) and the [GitHub
Advisory Database](https://togithub.com/github/advisory-database)
([CC-BY
4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).
</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41Mi4wIiwidXBkYXRlZEluVmVyIjoiMzcuMTA4LjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants