CompleteFTP is not affected by the Terrapin vulnerability

There's a new vulnerability in OpenSSH that has just been reported, known as the Terrapin attack.

A good explanation is provided by Ars Technica.

According to Ars Technica, Terrapin only works against SSH implementations that offer the chacha20-poly1305@openssh.com encryption algorithm, or any cbc encryption algorithm in conjunction with any any *-etm@openssh.com MAC algorithm.

CompleteFTP does not support any OpenSSH-specific algorithms (the @openssh.com algorithms) so our assessment at this point is that CompleteFTP is not vulnerable to Terrapin.

Our SSH client products edtFTPnet/PRO and edtFTPj/PRO also do not support these algorithms, and are similarly not affected by Terrapin.