elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-06-23 02:54:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added test for the Terrapin vulnerability (CVE-2023-48795) (#227).

Browse Source
This commit is contained in:
Joe Testa
2023-12-18 18:24:49 -05:00
parent 46eb970376
commit 8e972c5e94
4 changed files with 49 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -184,6 +184,7 @@ For convenience, a web front-end on top of the command-line tool is available at
- In Ubuntu 22.04 client policy, moved host key types `sk-ssh-ed25519@openssh.com` and `ssh-ed25519` to the end of all certificate types.
- Re-organized option host key types for OpenSSH 9.2 server policy to correspond with updated Debian 12 hardening guide.
- Dropped support for Python 3.7 (EOL was reached in June 2023).
- Added test for the Terrapin message prefix truncation vulnerability ([CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795)).
### v3.0.0 (2023-09-07)
- Results from concurrent scans against multiple hosts are no longer improperly combined; bug discovered by [Adam Russell](https://github.com/thecliguy).