mirror of
https://github.com/clearml/dropbear
synced 2025-02-07 13:21:15 +00:00
Change secure.ucc.asn.au/hg to hg.ucc.asn.au
This commit is contained in:
Matt Johnston
parent
926c477188
commit
80e9281701
22
CHANGES
22
CHANGES
@ -215,7 +215,7 @@
|
|||||||
dropbear is running with -a (Allow connections to forwarded ports from any host)
|
dropbear is running with -a (Allow connections to forwarded ports from any host)
|
||||||
This could potentially allow arbitrary code execution as root by an authenticated user.
|
This could potentially allow arbitrary code execution as root by an authenticated user.
|
||||||
Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash.
|
Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash.
|
||||||
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
|
CVE-2017-9078 https://hg.ucc.asn.au/dropbear/rev/c8114a48837c
|
||||||
|
|
||||||
- Security: Fix information disclosure with ~/.ssh/authorized_keys symlink.
|
- Security: Fix information disclosure with ~/.ssh/authorized_keys symlink.
|
||||||
Dropbear parsed authorized_keys as root, even if it were a symlink. The fix
|
Dropbear parsed authorized_keys as root, even if it were a symlink. The fix
|
||||||
@ -227,7 +227,7 @@
|
|||||||
contents of that file.
|
contents of that file.
|
||||||
This information disclosure is to an already authenticated user.
|
This information disclosure is to an already authenticated user.
|
||||||
Thanks to Jann Horn of Google Project Zero for reporting this.
|
Thanks to Jann Horn of Google Project Zero for reporting this.
|
||||||
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
|
CVE-2017-9079 https://hg.ucc.asn.au/dropbear/rev/0d889b068123
|
||||||
|
|
||||||
- Generate hostkeys with dropbearkey atomically and flush to disk with fsync
|
- Generate hostkeys with dropbearkey atomically and flush to disk with fsync
|
||||||
Thanks to Andrei Gherzan for a patch
|
Thanks to Andrei Gherzan for a patch
|
||||||
@ -247,23 +247,23 @@
|
|||||||
run arbitrary code as the dbclient user. This could be a problem if scripts
|
run arbitrary code as the dbclient user. This could be a problem if scripts
|
||||||
or webpages pass untrusted input to the dbclient program.
|
or webpages pass untrusted input to the dbclient program.
|
||||||
CVE-2016-7406
|
CVE-2016-7406
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb
|
https://hg.ucc.asn.au/dropbear/rev/b66a483f3dcb
|
||||||
|
|
||||||
- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
|
- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
|
||||||
the local dropbearconvert user when parsing malicious key files
|
the local dropbearconvert user when parsing malicious key files
|
||||||
CVE-2016-7407
|
CVE-2016-7407
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e
|
https://hg.ucc.asn.au/dropbear/rev/34e6127ef02e
|
||||||
|
|
||||||
- Security: dbclient could run arbitrary code as the local dbclient user if
|
- Security: dbclient could run arbitrary code as the local dbclient user if
|
||||||
particular -m or -c arguments are provided. This could be an issue where
|
particular -m or -c arguments are provided. This could be an issue where
|
||||||
dbclient is used in scripts.
|
dbclient is used in scripts.
|
||||||
CVE-2016-7408
|
CVE-2016-7408
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6
|
https://hg.ucc.asn.au/dropbear/rev/eed9376a4ad6
|
||||||
|
|
||||||
- Security: dbclient or dropbear server could expose process memory to the
|
- Security: dbclient or dropbear server could expose process memory to the
|
||||||
running user if compiled with DEBUG_TRACE and running with -v
|
running user if compiled with DEBUG_TRACE and running with -v
|
||||||
CVE-2016-7409
|
CVE-2016-7409
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04
|
https://hg.ucc.asn.au/dropbear/rev/6a14b1f6dc04
|
||||||
|
|
||||||
The security issues were reported by an anonymous researcher working with
|
The security issues were reported by an anonymous researcher working with
|
||||||
Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html
|
Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html
|
||||||
@ -309,7 +309,7 @@
|
|||||||
|
|
||||||
- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
|
- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
|
||||||
found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116
|
found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/a3e8389e01ff
|
https://hg.ucc.asn.au/dropbear/rev/a3e8389e01ff
|
||||||
|
|
||||||
2015.71 - 3 December 2015
|
2015.71 - 3 December 2015
|
||||||
|
|
||||||
@ -590,11 +590,11 @@ kernels, from Steve Dover
|
|||||||
- Limit the size of decompressed payloads, avoids memory exhaustion denial
|
- Limit the size of decompressed payloads, avoids memory exhaustion denial
|
||||||
of service
|
of service
|
||||||
Thanks to Logan Lamb for reporting and investigating it. CVE-2013-4421
|
Thanks to Logan Lamb for reporting and investigating it. CVE-2013-4421
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
|
https://hg.ucc.asn.au/dropbear/rev/0bf76f54de6f
|
||||||
|
|
||||||
- Avoid disclosing existence of valid users through inconsistent delays
|
- Avoid disclosing existence of valid users through inconsistent delays
|
||||||
Thanks to Logan Lamb for reporting. CVE-2013-4434
|
Thanks to Logan Lamb for reporting. CVE-2013-4434
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a
|
https://hg.ucc.asn.au/dropbear/rev/d7784616409a
|
||||||
|
|
||||||
- Update config.guess and config.sub for newer architectures
|
- Update config.guess and config.sub for newer architectures
|
||||||
|
|
||||||
@ -697,7 +697,7 @@ though probably will be soon
|
|||||||
This bug affects releases 0.52 onwards. Ref CVE-2012-0920.
|
This bug affects releases 0.52 onwards. Ref CVE-2012-0920.
|
||||||
Thanks to Danny Fullerton of Mantor Organization for reporting
|
Thanks to Danny Fullerton of Mantor Organization for reporting
|
||||||
the bug.
|
the bug.
|
||||||
https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
|
https://hg.ucc.asn.au/dropbear/rev/818108bf7749
|
||||||
|
|
||||||
- Compile fix, only apply IPV6 socket options if they are available in headers
|
- Compile fix, only apply IPV6 socket options if they are available in headers
|
||||||
Thanks to Gustavo Zacarias for the patch
|
Thanks to Gustavo Zacarias for the patch
|
||||||
@ -741,7 +741,7 @@ though probably will be soon
|
|||||||
- New version numbering scheme.
|
- New version numbering scheme.
|
||||||
|
|
||||||
Source repository has now migrated to Mercurial at
|
Source repository has now migrated to Mercurial at
|
||||||
https://secure.ucc.asn.au/hg/dropbear/graph/default
|
https://hg.ucc.asn.au/dropbear/graph/default
|
||||||
|
|
||||||
0.53.1 - Wednesday 2 March 2011
|
0.53.1 - Wednesday 2 March 2011
|
||||||
|
|
||||||
|
|||||||
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
result=0
|
result=0
|
||||||
|
|
||||||
test -d fuzzcorpus && hg --repository fuzzcorpus/ pull || hg clone https://secure.ucc.asn.au/hg/dropbear-fuzzcorpus fuzzcorpus || exit 1
|
test -d fuzzcorpus && hg --repository fuzzcorpus/ pull || hg clone https://hg.ucc.asn.au/dropbear-fuzzcorpus fuzzcorpus || exit 1
|
||||||
for f in `make list-fuzz-targets`; do
|
for f in `make list-fuzz-targets`; do
|
||||||
./$f fuzzcorpus/$f/* || result=1
|
./$f fuzzcorpus/$f/* || result=1
|
||||||
done
|
done
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user