request #35865 Adjust SSHd crypto settings to prevent Terrapin attack / CVE-2023-48795

Artifact

Infos

Artifact ID#35865

Submitted byThomas Gerbet (tgerbet)

Last Modified On2024-01-24 10:27

Submitted on2024-01-23 11:06

Rank37451

Details

Summary *

Adjust SSHd crypto settings to prevent Terrapin attack / CVE-2023-48795

Original Submission

Impact is low but we should provide container images with sane default settings (at least so we do not receive "vulnerability" scan made by automated tools...).

More info here: https://terrapin-attack.com/

CategoryDocker images

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2024-01-24

Attachments

Connected artifacts

Artifact links

Releases

Fixed in

	Artifact ID	Project	Tracker	Summary	Status	Last Update Date	Submitted By	Assigned to
	rel #35497	Tuleap	Releases	15.5	Delivered	2024-05-02 12:01	Manuel Vacelet (vaceletm)

Reverse artifact links

Empty

AttachmentsEmpty

References

Cross references

Referencing request #35865

Git commit

tuleap/tuleap/stable

fix: request #35865 Adjust SSHd crypto settings to prevent Terrapin attack / CVE-2023-48795 5b57717bc3

Thomas Gerbet (tgerbet) , 2024-01-23 11:08

Merge commit 'refs/changes/84/30284/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 002256ace6

Joris MASSON (jmasson) , 2024-01-24 10:26

Show items referenced by request #35865

Referenced by request #35865

Artifact Tracker v5

rel #35497 15.5

Other

gerrit #30284

Follow-ups

Joris MASSON (jmasson)

2024-01-24 10:27

Status changed from Under review to Closed
Connected artifacts
- Added Fixed in: rel #35497
Close date set to 2024-01-24

Thomas Gerbet (tgerbet)

2024-01-23 11:25

See gerrit #30284.

Status changed from Under implementation to Under review

Public