SUSE-SU-2024:0972-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240972-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0972-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0972-1
Related
Published
2024-03-22T10:21:42Z
Modified
2024-03-22T10:21:42Z
Summary
Security update for jbcrypt, trilead-ssh2
Details

This update for jbcrypt, trilead-ssh2 fixes the following issues:

  • CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack (bsc#1218198).
References

Affected packages

openSUSE:Leap 15.5 / trilead-ssh2

Package

Name
trilead-ssh2
Purl
purl:rpm/suse/trilead-ssh2&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
217.293.v56de4d4d3515-150200.3.7.1

Ecosystem specific

{
    "binaries": [
        {
            "trilead-ssh2": "217.293.v56de4d4d3515-150200.3.7.1",
            "trilead-ssh2-javadoc": "217.293.v56de4d4d3515-150200.3.7.1"
        }
    ]
}