mirror of
https://github.com/jtesta/ssh-audit.git
synced 2025-06-22 02:33:40 +02:00
Fixed parsing of ecdsa-sha2-nistp* CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are. (#239)
This commit is contained in:
@ -181,6 +181,7 @@ For convenience, a web front-end on top of the command-line tool is available at
|
||||
### v3.2.0-dev (???)
|
||||
- Expanded filter of CBC ciphers to flag for the Terrapin vulnerability. It now includes more rarely found ciphers.
|
||||
- Color output is disabled if the `NO_COLOR` environment variable is set (see https://no-color.org/).
|
||||
- Fixed parsing of ecdsa-sha2-nistp* CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are.
|
||||
|
||||
### v3.1.0 (2023-12-20)
|
||||
- Added test for the Terrapin message prefix truncation vulnerability ([CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795)).
|
||||
|
Reference in New Issue
Block a user