7 Commits

Author SHA1 Message Date
sthen
48b0b9660c replace simple PERMIT_PACKAGE_CDROM=Yes with PERMIT_PACKAGE=Yes 2019-07-12 20:48:23 +00:00
sthen
ad3337c525 update to dropbear-2019.78 2019-03-28 14:47:10 +00:00
bket
6941387522 Update to dropbear-2018.76.
Hints and OK sthen@.
2018-03-13 03:50:48 +00:00
espie
1cad0a9db6 a few more FIX_EXTRACT_PERMISSIONS 2017-12-04 17:56:27 +00:00
sthen
b9ba812e98 update to dropbear-2017.75
CVE-2017-9078: double-free in server TCP listener cleanup
CVE-2017-9079: information disclosure with ~/.ssh/authorized_keys symlink.
2017-05-23 13:44:13 +00:00
sthen
6ad8220f49 update to dropbear-2016.74, fixes include a format string vulnerability
(CVE-2016-7406) and a problem importing malicious OpenSSH keys (CVE-2016-7407)
both of which could result in arbitrary code running as root in some conditions
(though the worst one requires usernames including '%' which is uncommon with
OpenBSD as adduser and useradd reject this, however it is possible by editing
the password file directly). See https://matt.ucc.asn.au/dropbear/CHANGES for
more details.
2016-09-21 10:06:27 +00:00
sthen
8fb77bdb39 import dropbear, ok landry@
Dropbear is a relatively small SSH server and client, often found
in small environments such as routers and wireless access points.
2016-04-06 22:03:15 +00:00