Debian
dropbear package

dropbear 2020.81-3+deb11u1 source package in Debian

Changelog

dropbear (2020.81-3+deb11u1) bullseye; urgency=medium

  * Fix CVE-2021-36369: Due to a non-RFC-compliant check of the available
    authentication methods in the client-side SSH code, it is possible for an
    SSH server to change the login process in its favor.
  * Fix CVE-2023-48795 (terrapin attack): The SSH transport protocol with
    certain OpenSSH extensions allows remote attackers to bypass integrity
    checks such that some packets are omitted (from the extension negotiation
    message), and a client and server may consequently end up with a
    connection for which some security features have been downgraded or
    disabled, aka a Terrapin attack. (Closes: #1059001)
  * d/t/on-lvm-and-luks: Target bullseye not sid.
  * d/t/on-lvm-and-luks: Bump disk image size to 4G as the previous size was
    too small for bullseye-security updates (kernel etc.).
  * Salsa CI: Target bullseye and disable lintian job.

 -- Guilhem Moulin <email address hidden>  Fri, 26 Jan 2024 12:00:26 +0100

Upload details

Uploaded by:
Guilhem Moulin
Uploaded to:
Bullseye
Original maintainer:
Guilhem Moulin
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bullseye release main net

Builds

Downloads

File Size SHA-256 Checksum
dropbear_2020.81-3+deb11u1.dsc 2.5 KiB 7641e4fbc28085e9fc66d0e01cb88b9f3ef6d2f54f098d185d13f4e556c7f705
dropbear_2020.81.orig.tar.bz2 2.2 MiB 48235d10b37775dbda59341ac0c4b239b82ad6318c31568b985730c788aac53b
dropbear_2020.81.orig.tar.bz2.asc 833 bytes 5cdb32a453f68b6c9907e87da924b8bc12554584124849af4da66b08cd4ffa28
dropbear_2020.81-3+deb11u1.debian.tar.xz 34.1 KiB 4fab0450874730a0a5cfb0043fdf51e6a652310146ca5df59d1b0dad3b448862

No changes file available.

Binary packages built by this source