JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dropbear: 2016.73 -> 2016.74

Browse Source 
Security fixes:
- Message printout was vulnerable to format string injection
- dropbearconvert import of OpenSSH keys could run arbitrary code
  as the local dropbearconvert user when parsing malicious key
  files
- dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided
- dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

Fixes:
- Fix port forwarding failure when connecting to domains that have
  both IPv4 and IPv6 addresses. The bug was introduced in 2015.68
- Fix 100% CPU use while waiting for rekey to complete
This commit is contained in:
Tobias Geerinckx-Rice 2016-07-23 21:29:40 +02:00
parent 90ee01cd3d
commit 7c84bd121a
No known key found for this signature in database
GPG Key ID: 91CCDB9B48541B99
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/tools/networking/dropbear/default.nix
View File

@ -2,11 +2,11 @@
sftpPath ? "/var/run/current-system/sw/libexec/sftp-server" }:
stdenv.mkDerivation rec {
name = "dropbear-2016.73";
name = "dropbear-2016.74";
src = fetchurl {
url = "http://matt.ucc.asn.au/dropbear/releases/${name}.tar.bz2";
sha256 = "1mzg18jss1bsmcnn88zv7kv5yj01hzimndnd5636hfq9kgva8qaw";
sha256 = "14c8f4gzixf0j9fkx68jgl85q7b05852kk0vf09gi6h0xmafl817";
};
dontDisableStatic = enableStatic;