Bitbucket vulnerable to Terrapin weakness?

Hello,

out security team reported, that the integrated SSH server in Bitbucket is vulnerable to a weakness called terrapin, which allows man-in-the-middle-attack.

What is the status regarding a security update? Bitbucket 7.21.22 was released but if we belive the changelog, there is no terrapin fix inside.

2 answers

1 accepted

Suggest an answer

2 votes

Answer accepted

This is worrying.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

Hi @DW

Please email security@atlassian.com to follow up.

Thank you

Jodie

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Was this helpful?

Thanks!

Trust & Security

Products

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

Bitbucket vulnerable to Terrapin weakness?

2 answers

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events

Ask a question

Start a discussion

Products

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

Bitbucket vulnerable to Terrapin weakness?

2 answers

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events