pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/dropbear Updated dropbear to 0.43
details: https://anonhg.NetBSD.org/pkgsrc/rev/a08242fdaf28
branches: trunk
changeset: 480137:a08242fdaf28
user: martti <martti%pkgsrc.org@localhost>
date: Tue Aug 31 10:27:38 2004 +0000
description:
Updated dropbear to 0.43
- SECURITY: Don't try to free() uninitialised variables in DSS verification
code. Thanks to Arne Bernin for pointing out this bug. This is possibly
exploitable, all users with DSS and pubkey-auth compiled in are advised to
upgrade.
- Clean up agent forwarding socket files correctly, patch from Gerrit Pape.
- Don't go into an infinite loop when portforwarding to servers which don't
send any initial data/banner. Patch from Nikola Vladov
- Fix for network vs. host byte order in logging remote TCP ports, also
from Gerrit Pape.
- Initialise many pointers to NULL, for general safety. Also checked cleanup
code for mp_ints (related to security issues above).
diffstat:
security/dropbear/Makefile | 4 ++--
security/dropbear/distinfo | 8 ++++----
security/dropbear/patches/patch-aa | 12 ++++--------
3 files changed, 10 insertions(+), 14 deletions(-)
diffs (49 lines):
diff -r f7b45404044a -r a08242fdaf28 security/dropbear/Makefile
--- a/security/dropbear/Makefile Tue Aug 31 08:42:13 2004 +0000
+++ b/security/dropbear/Makefile Tue Aug 31 10:27:38 2004 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.5 2004/06/26 19:30:58 grant Exp $
+# $NetBSD: Makefile,v 1.6 2004/08/31 10:27:38 martti Exp $
-DISTNAME= dropbear-0.42
+DISTNAME= dropbear-0.43
CATEGORIES= security
MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/
EXTRACT_SUFX= .tar.bz2
diff -r f7b45404044a -r a08242fdaf28 security/dropbear/distinfo
--- a/security/dropbear/distinfo Tue Aug 31 08:42:13 2004 +0000
+++ b/security/dropbear/distinfo Tue Aug 31 10:27:38 2004 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.3 2004/06/21 18:27:47 drochner Exp $
+$NetBSD: distinfo,v 1.4 2004/08/31 10:27:38 martti Exp $
-SHA1 (dropbear-0.42.tar.bz2) = 2b4f1e22af1dfaffdfe7fbcf75cb6b79b322efc3
-Size (dropbear-0.42.tar.bz2) = 1140348 bytes
-SHA1 (patch-aa) = d1d4447366634c84082b9c0d737accbe9e80d823
+SHA1 (dropbear-0.43.tar.bz2) = 0bce83ad1a90b9b91e34d0c777f0d914516fd99d
+Size (dropbear-0.43.tar.bz2) = 1140743 bytes
+SHA1 (patch-aa) = 56bf56a3f1485a7395d6ff681b507950a5878345
diff -r f7b45404044a -r a08242fdaf28 security/dropbear/patches/patch-aa
--- a/security/dropbear/patches/patch-aa Tue Aug 31 08:42:13 2004 +0000
+++ b/security/dropbear/patches/patch-aa Tue Aug 31 10:27:38 2004 +0000
@@ -1,10 +1,8 @@
-$NetBSD: patch-aa,v 1.3 2004/06/21 18:27:48 drochner Exp $
+$NetBSD: patch-aa,v 1.4 2004/08/31 10:27:38 martti Exp $
---- Makefile.in.orig 2004-01-30 17:24:25.000000000 +0100
-+++ Makefile.in
-@@ -61,12 +61,12 @@ install: all
- $(INSTALL) -m 755 dropbearkey $(DESTDIR)$(bindir)
- $(INSTALL) -m 755 dropbearconvert $(DESTDIR)$(bindir)
+--- Makefile.in.orig 2004-01-30 18:24:25.000000000 +0200
++++ Makefile.in 2004-08-31 13:22:04.000000000 +0300
+@@ -63,8 +63,8 @@
# chown might fail, so do it separately to the install
- -chown root $(DESTDIR)$(sbindir)/dropbear
- -chgrp 0 $(DESTDIR)$(sbindir)/dropbear
@@ -19,5 +17,3 @@
+ -chown ${ROOT_USER} $(DESTDIR)$(bindir)/dropbearconvert
+ -chgrp ${ROOT_GROUP} $(DESTDIR)$(bindir)/dropbearconvert
- strip-static: static
- -$(STRIP) staticdropbear
Home |
Main Index |
Thread Index |
Old Index