dropbear 2016.74-5+deb9u1 source package in Debian
Changelog
dropbear (2016.74-5+deb9u1) stretch; urgency=medium
* Backport security fix for CVE-2018-15599: The recv_msg_userauth_request
function in svr-auth.c in Dropbear through 2018.76 is prone to a user
enumeration vulnerability because username validity affects how fields in
SSH_MSG_USERAUTH messages are handled. (Closes: #906890.)
Adapted from https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00 .
-- Guilhem Moulin <email address hidden> Fri, 24 Aug 2018 02:08:38 +0200
Upload details
- Uploaded by:
- Guilhem Moulin
- Uploaded to:
- Stretch
- Original maintainer:
- Guilhem Moulin
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Stretch | release | main | net |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| dropbear_2016.74-5+deb9u1.dsc | 2.1 KiB | f34cfc94f0686d4b2df1d440336b0db314a886f630a428944edc4d422492882d |
| dropbear_2016.74.orig.tar.bz2 | 1.5 MiB | a532bf883529129a105c82181fc6cc89619e2aa34822fc74deccb5566f754f26 |
| dropbear_2016.74-5+deb9u1.debian.tar.xz | 23.7 KiB | 157ccb0a7cde208462eab99cf246347127c7eac6d0ea571e27434819c43bba83 |
No changes file available.
