Filezilla is also affected by this vulnerability, a new version has been released: https://filezilla-project.org/ News 2023-12-20 - FileZilla Client 3.66.4 released Fixed vulnerabilities: SFTP: Address Terrapin protocol vulerability
We only put fixed versions-in-tree in the summary to make it easier to spot unfixed stuff. Also, CCing maintainers. Thanks for the report!
I just pushed 3.66.4 in tree, stable request in progress (it should be minor changes over current stable 3.66.1)
Thank you!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da726c98190866d3fa8ccfa9d585c84731169be4 commit da726c98190866d3fa8ccfa9d585c84731169be4 Author: Bernard Cafarelli <voyageur@gentoo.org> AuthorDate: 2023-12-22 08:38:17 +0000 Commit: Bernard Cafarelli <voyageur@gentoo.org> CommitDate: 2023-12-22 08:38:17 +0000 net-ftp/filezilla: drop 3.66.1 Bug: https://bugs.gentoo.org/920421 Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org> net-ftp/filezilla/Manifest | 1 - net-ftp/filezilla/filezilla-3.66.1.ebuild | 75 ------------------------------- 2 files changed, 76 deletions(-)