There are several options available to mitigate the risk of exposure to CVE-2023-48795 for Maverick Legacy Client-enabled applications In code Use the code below before making any call to SshConnector.connect. SshConnector ssh = SshConnector.createInstance(); Ssh2Context ctx = ssh.getContext(); ctx.supportedCiphersCS().remove(Ssh2Context.CIPHER_CHACHA20_POLY1305); ctx.supportedCiphersSC().remove(Ssh2Context.CIPHER_CHACHA20_POLY1305); ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA256_ETM); ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA512_ETM); ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA1_ETM); ctx.supportedMacsCS().remove(Ssh2Context.HMAC_MD5_ETM); ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA256_ETM); ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA512_ETM); ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA1_ETM); ctx.supportedMacsSC().remove(Ssh2Context.HMAC_MD5_ETM); Using System Properties You do not need […]
Category: Uncategorized
Maverick Legacy Client 1.7.49 Released
This release contains bug fixes and minor feature enhancements. OpenSSH Certificate Bug A bug in processing extensions in OpenSSH Certificates caused authentication failures when custom extensions were present in the certificate. Improved Remote Hashing We have implemented the SFTP extensions “check-file-name” and “check-file-handle” to improve the existing support of MD5 hashes to include SHA-1, SHA-256 […]
Maverick Legacy Server 1.7.49 Released
This release contains bug fixes and minor feature enhancements. OpenSSH Certificate Bug A bug in processing extensions in OpenSSH Certificates caused authentication failures when custom extensions were present in the certificate. Improved SFTP Extensions We have implemented the SFTP extensions “check-file-name” and “check-file-handle” to improve the existing support of MD5 hashes to include SHA-1, SHA-256 […]
Maverick Synergy Hotfixes 3.0.16
This update is a bug-fix release. OpenSSH Certificate Bug A bug in processing extensions in OpenSSH Certificates caused authentication failures when custom extensions were present in the certificate. For a complete list of changes, please visit our Changelog: […]
Maverick Legacy Server 1.7.44
This minor update contains a customer support related bug fix, support for the new PuTTY Private Key format and a new public/private key implementation. PuTTY Private Keys Introduced in version 0.75, version 3 of the PuTTY Private Key File Format uses an Argon2 key derivation function incompatible with our previous implementation. This update includes support […]
Maverick Legacy Client 1.7.44
This release includes minor bug fixes to the Adaptive Configuration files’ match directive support and a new PuTTY Private Key files implementation. PuTTY Private Keys Introduced in version 0.75, version 3 of the PuTTY Private Key File Format uses an Argon2 key derivation function incompatible with our previous implementation. This update includes support for version […]