diff options
author | Matt Johnston <matt@ucc.asn.au> | 2019-03-23 21:46:29 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2019-03-23 21:46:29 +0800 |
commit | 46a155d2189f672e8aef04f77f87cc691280116b (patch) | |
tree | 74b3e0cca3ffd7a931da223641746d38f196b827 | |
parent | f6b6ca15ed6145a089196b641749843ed1d09aa8 (diff) | |
download | dropbear-46a155d2189f672e8aef04f77f87cc691280116b.tar.gz |
2019.77DROPBEAR_2019.77
-rw-r--r-- | CHANGES | 40 | ||||
-rw-r--r-- | debian/changelog | 6 | ||||
-rw-r--r-- | sysoptions.h | 2 |
3 files changed, 47 insertions, 1 deletions
@@ -1,3 +1,43 @@ +2019.77 - 23 March 2019 + +- Fix server -R option with ECDSA - only advertise one key size which will be accepted. + Reported by Peter Krefting, 2018.76 regression. + +- Fix server regression in 2018.76 where multiple client -R forwards were all forwarded + to the first destination. Reported by Iddo Samet. + +- Make failure delay more consistent to avoid revealing valid usernames, set server password + limit of 100 characters. Problem reported by usd responsible disclosure team + +- Change handling of failed authentication to avoid disclosing valid usernames, + CVE-2018-15599. + +- Fix dbclient to reliably return the exit code from the remote server. + Reported by W. Mike Petullo + +- Fix export of 521-bit ECDSA keys, from Christian Hohnstädt + +- Add -o Port=xxx option to work with sshfs, from xcko + +- Merged fuzzing code, see FUZZER-NOTES.md + +- Add a DROPBEAR_SVR_MULTIUSER=0 compile option to run on + single-user Linux kernels (CONFIG_MULTIUSER disabled). From Patrick Stewart + +- Increase allowed username to 100 characters, reported by W. Mike Petullo + +- Update config.sub and config.guess, should now work with RISC-V + +- Cygwin compile fix from karel-m + +- Don't require GNU sed (accidentally in 2018.76), reported by Samuel Hsu + +- Fix for IRIX and writev(), reported by Kazuo Kuroi + +- Other fixes and cleanups from François Perrad, Andre McCurdy, Konstantin Demin, + Michael Jones, Pawel Rapkiewicz + + 2018.76 - 27 February 2018 > > > Configuration/compatibility changes diff --git a/debian/changelog b/debian/changelog index 8d5d2b0..4167b04 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +dropbear (2019.77-0.1) unstable; urgency=low + + * New upstream release. + + -- Matt Johnston <matt@ucc.asn.au> Sat, 23 Mar 2019 22:51:57 +0800 + dropbear (2018.76-0.1) unstable; urgency=low * New upstream release. diff --git a/sysoptions.h b/sysoptions.h index 8648c4e..a8cad88 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -4,7 +4,7 @@ *******************************************************************/ #ifndef DROPBEAR_VERSION -#define DROPBEAR_VERSION "2018.76" +#define DROPBEAR_VERSION "2019.77" #endif #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION |