I do not know if Absolute Telnet is impacted by this. I'm just passing the info along as I've been getting news alerts about it.
I'm looking into it. This is a fairly recent development.
Best practice recommendation is to disable vulnerable algorithms.... ETM macs (options/properties/connection/ssh2/encryption), cbc mode encryptions (same page) as well as ChaCha20-Poly1305 (but Absolute doesn't even implement that)
To disable an algorithm, select it and re-order it below the 'algorithms below this line are disabled' line.
There will likely be a new version coming out to address this specifically. OpenSSH has introduced a feature called "strict key exchange" which is rapidly becoming the de-facto solution for this.
Stay tuned....
Brian
Update have been made that address the Terrapin vulnerability.
See here for details: http://www.celestialsoftware.net/terrapin
Go here to download Absolute 12.11 or higher:
