From 5a3bc9fa9c8a748b25c4bdf93529413dc862aba4 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Mon, 14 Nov 2022 10:37:15 +0800
Subject: [PATCH] Update version to 2022.83, finish CHANGES

---
 CHANGES          | 35 ++++++++++++++++++-----------------
 debian/changelog |  6 ++++++
 sysoptions.h     |  4 ++--
 3 files changed, 26 insertions(+), 19 deletions(-)

diff --git a/CHANGES b/CHANGES
index 212c170..38918fb 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,30 +1,28 @@
-2022.83 - 
+2022.83 - 14 November 2022
 
 Features and Changes:
   Note >> for compatibility/configuration changes
 
 - >> Disable DROPBEAR_DSS by default
-  It is only 1024 bit and uses SHA1, most distros disable it by default already.
-
-- >> Remove HMAC_MD5 entirely
+  It is only 1024 bit and uses sha1, most distros disable it by default already.
 
 - Added DROPBEAR_RSA_SHA1 option to allow disabling sha1 rsa signatures.
-  RSA with sha1 will be disabled in a future release (rsa keys will continue
+  >> RSA with sha1 will be disabled in a future release (rsa keys will continue
   to work OK, with sha256 signatures used instead).
 
 - Add option for requiring both password and pubkey (-t)
   Patch from Jackkal
 
-  - >> DROPBEAR_SK_KEYS config option now replaces separate DROPBEAR_SK_ECDSA 
+- Add 'no-touch-required' and 'verify-required' options for sk keys
+  Patch from Egor Duda
+
+  - >> DROPBEAR_SK_KEYS config option now replaces separate DROPBEAR_SK_ECDSA
   and DROPBEAR_SK_ED25519 options.
 
 - Add 'permitopen' option for authorized_keys to restrict forwarded ports
   Patch from Tuomas Haikarainen
 
-- Add 'no-touch-required' and 'verify-required' options for sk keys
-  Patch from Egor Duda
-
-- Added LTM_CFLAGS configure argument to set flags for building
+- >> Added LTM_CFLAGS configure argument to set flags for building
   bundled libtommath. This also restores the previous arguments used
   in 2020.81 (-O3 -funroll-loops). That gives a big speedup for RSA
   key generation, which regressed in 2022.82.
@@ -33,7 +31,8 @@ Features and Changes:
   Reported by David Bernard
 
 - Add '-z' flag to disable setting QoS traffic class. This may be necessary
-  to work with broken networks or network drivers.
+  to work with broken networks or network drivers, exposed after changes to use
+  AF21 in 2022.82
   https://github.com/mkj/dropbear/issues/193
   Reported by yuhongwei380, patch from Petr Štetiar
 
@@ -43,6 +42,8 @@ Features and Changes:
 - Improve permission error message
   Patch from k-kurematsu
 
+- >> Remove HMAC_MD5 entirely
+
 Regression fixes from 2022.82:
 
 - Fix X11 build
@@ -65,8 +66,8 @@ Regression fixes from 2022.82:
 
 Other fixes:
 
-- Fix long standing incorrect compression size check. Dropbear 
-  (client or server) would erroneously exit with 
+- Fix long standing incorrect compression size check. Dropbear
+  (client or server) would erroneously exit with
   "bad packet, oversized decompressed"
   when receiving a compressed packet of exactly the maximum size.
 
@@ -75,11 +76,11 @@ Other fixes:
   Reported and debugged by m5jt and David Bernard
 
 - Try keyboard-interactive auth before password, in dbclient.
-  This was unintentionally changed back in 2013  
+  This was unintentionally changed back in 2013
   https://github.com/mkj/dropbear/pull/190
   Patch from Michele Giacomoli
 
-- Flush the terminal when reading the fingerprint confirmation response
+- Drain the terminal when reading the fingerprint confirmation response
   https://github.com/mkj/dropbear/pull/191
   Patch from Michele Giacomoli
 
@@ -88,8 +89,8 @@ Other fixes:
   https://github.com/mkj/dropbear/pull/189
   Patch from Michele Giacomoli
 
-- Improve configure test for hardening options. 
-  Fixes building on AIX 
+- Improve configure test for hardening options.
+  Fixes building on AIX
   https://github.com/mkj/dropbear/issues/158
 
 - Fix debian/dropbear.init newline
diff --git a/debian/changelog b/debian/changelog
index f7e2ffa..2fc5c5d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+dropbear (2022.83-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <matt@ucc.asn.au>  Mon, 14 Nov 2022 22:51:57 +0800
+
 dropbear (2022.82-0.1) unstable; urgency=low
 
   * New upstream release.
diff --git a/sysoptions.h b/sysoptions.h
index 462e887..fb6adc7 100644
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -1,10 +1,10 @@
 /*******************************************************************
- * You shouldn't edit this file unless you know you need to. 
+ * You shouldn't edit this file unless you know you need to.
  * This file is only included from options.h
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2022.82"
+#define DROPBEAR_VERSION "2022.83"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION