Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 920421 - <net-ftp/filezilla-3.66.4: Terrapin vulnerability
Summary: <net-ftp/filezilla-3.66.4: Terrapin vulnerability
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa?]
Depends on: 920449
Blocks: CVE-2023-48795
  Show dependency tree
Reported: 2023-12-20 19:13 UTC by Torsten Kaiser
Modified: 2023-12-22 09:27 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Torsten Kaiser 2023-12-20 19:13:27 UTC
Filezilla is also affected by this vulnerability, a new version has been released:
    2023-12-20 - FileZilla Client 3.66.4 released
    Fixed vulnerabilities:
        SFTP: Address Terrapin protocol vulerability
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-21 07:09:35 UTC
We only put fixed versions-in-tree in the summary to make it easier to spot unfixed stuff. Also, CCing maintainers. Thanks for the report!
Comment 2 Bernard Cafarelli gentoo-dev 2023-12-21 08:06:15 UTC
I just pushed 3.66.4 in tree, stable request in progress (it should be minor changes over current stable 3.66.1)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-21 10:44:22 UTC
Thank you!
Comment 4 Larry the Git Cow gentoo-dev 2023-12-22 08:38:26 UTC
The bug has been referenced in the following commit(s):

commit da726c98190866d3fa8ccfa9d585c84731169be4
Author:     Bernard Cafarelli <>
AuthorDate: 2023-12-22 08:38:17 +0000
Commit:     Bernard Cafarelli <>
CommitDate: 2023-12-22 08:38:17 +0000

    net-ftp/filezilla: drop 3.66.1
    Signed-off-by: Bernard Cafarelli <>

 net-ftp/filezilla/Manifest                |  1 -
 net-ftp/filezilla/filezilla-3.66.1.ebuild | 75 -------------------------------
 2 files changed, 76 deletions(-)