Репозитории ALT
S: | 2022.82-alt1 |
5.1: | 0.50-alt3 |
4.1: | 0.50-alt1 |
4.0: | 0.49-alt1 |
Группа :: Система/Серверы
Пакет: dropbear
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
19 июня 2022 Vitaly Chikunov <vt at altlinux.org> 2022.82-alt1
- Update to DROPBEAR_2022.82 (2022-04-01). (Fixes: CVE-2018-15599,
CVE-2018-5399, CVE-2018-20685, CVE-2019-12953, CVE-2020-15833,
CVE-2020-36254). - Disable DSS keys.
- Allow password auth.
- Undo authkey_fp patch (as it does not apply to the new codebase).
- Use bundled libtom{crypt,math} maintained by the authors of Dropbear.
- Doc and client packages are merged into main package.
- Add systemd services.
- Correct sftp-server path (to openssh-server binary).
- Rebuilt with new libtommath and libtomcrypt.
- Autobuild version bump to 2017.75
- Autobuild version bump to 2016.74
- Autobuild version bump to 2016.73
- Autobuild version bump to 2015.71
- Autobuild version bump to 2015.68
- Autobuild version bump to 2015.67
- Autobuild version bump to 2014.65
- Autobuild version bump to 2014.63
- Autobuild version bump to 2013.62
- Update "fingerprint expose" patch
- Autobuild version bump to 2013.60
- Autobuild version bump to 2013.59
- Fix build (patch, new manmage)
- Autobuild version bump to 2013.58
- Autobuild version bump to 2013.56
- Autobuild version bump to 2012.55
- Autobuild version bump to 2011.54
- Autobuild version bump to 0.53.1
- Bring back client
- Introduce documentation
- rebuild
- Add conflicts dropbear-scp -> openssh
- cleanup spec
- Add DROPBEAR_PASSWORD environment variable to specify a dbclient password
- Use /dev/urandom by default, since that's what everyone does anyway
- Correct vfork() use for uClinux in scp (thanks to Alex Landau)
- Exit with an exit code of 1 if dropbear can't bind to any ports (thanks to
Nicolai Ehemann) - Improve network performance and add a -W <receive_window> argument for
adjusting the tradeoff between network performance and memory consumption. - Fix a problem where reply packets could be sent during key exchange, in
violation of the SSH spec. This could manifest itself with connections being
terminated after 8 hours with new TCP-forward connections being established. - Add -K <keepalive_time> argument, ensuring that data is transmitted over the
connection at least every N seconds. - dropbearkey will no longer generate DSS keys of sizes other than 1024 bits,
as required by the DSS specification. (Other sizes are still accepted for use
to provide backwards compatibility).
- CVE-2007-1099 fix (dbclient previously would prompt to confirm a mismatching
hostkey but wouldn't warn loudly. It will now exit upon a mismatch) - Added -P pidfile argument to the server (from Swen Schillig)
- Add -N dbclient option for "no command"
- Add -f dbclient option for "background after auth"
- Add ability to limit binding to particular addresses, use -p [address:]port,
patch from Max-Gerd Retzlaff. - Fix finding relative-path server hostkeys when running daemonized
- Use $HOME in preference to that from /etc/passwd, so that dbclient can still
work on broken systems. - Fix various issues found by Klocwork defect analysis, mostly memory leaks and
error-handling. Thanks to Klocwork for their service. - Add compile-time LOG_COMMANDS option to log user commands
- Add '-y' flag to dbclient to unconditionally accept host keys,patch from
Luciano Miguel Ferreira Rocha - Return immediately for "sleep 10 & echo foo", rather thanwaiting for the
sleep to return (pointed out by Rob Landley). - Avoid hanging after exit in certain cases (such as scp)
- Various minor fixes, in particular various leaks reported by Erik Hovland
- Disable core dumps on startup
- Don't erase over every single buffer, since it was a bottleneck. On systems
where it really matters, encrypted swap should be utilised. - Read /dev/[u]random only once at startup to conserve kernel entropy
- upstream version update update (0.48.1)
- fix license
- add scp subpackage
- patches from debian (typo in doc and man)
- first build for Sisyphus