diff options
| author | martti <martti> | 2004-08-31 10:27:38 +0000 |
|---|---|---|
| committer | martti <martti> | 2004-08-31 10:27:38 +0000 |
| commit | 7bee939cac0cbc0ea3343e86c3c6478545e9d9b3 (patch) | |
| tree | 0663413e752babb91e64aa37346ba270a7346b52 /security | |
| parent | 0b641f93e198ff62a1f4d1beccb0828759cbbda3 (diff) | |
| download | pkgsrc-7bee939cac0cbc0ea3343e86c3c6478545e9d9b3.tar.gz | |
Updated dropbear to 0.43
- SECURITY: Don't try to free() uninitialised variables in DSS verification
code. Thanks to Arne Bernin for pointing out this bug. This is possibly
exploitable, all users with DSS and pubkey-auth compiled in are advised to
upgrade.
- Clean up agent forwarding socket files correctly, patch from Gerrit Pape.
- Don't go into an infinite loop when portforwarding to servers which don't
send any initial data/banner. Patch from Nikola Vladov
- Fix for network vs. host byte order in logging remote TCP ports, also
from Gerrit Pape.
- Initialise many pointers to NULL, for general safety. Also checked cleanup
code for mp_ints (related to security issues above).
Diffstat (limited to 'security')
| -rw-r--r-- | security/dropbear/Makefile | 4 | ||||
| -rw-r--r-- | security/dropbear/distinfo | 8 | ||||
| -rw-r--r-- | security/dropbear/patches/patch-aa | 12 |
3 files changed, 10 insertions, 14 deletions
diff --git a/security/dropbear/Makefile b/security/dropbear/Makefile index 90f8fda8490..43a0996de3d 100644 --- a/security/dropbear/Makefile +++ b/security/dropbear/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.5 2004/06/26 19:30:58 grant Exp $ +# $NetBSD: Makefile,v 1.6 2004/08/31 10:27:38 martti Exp $ -DISTNAME= dropbear-0.42 +DISTNAME= dropbear-0.43 CATEGORIES= security MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/dropbear/distinfo b/security/dropbear/distinfo index c47069097f8..f676945c632 100644 --- a/security/dropbear/distinfo +++ b/security/dropbear/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.3 2004/06/21 18:27:47 drochner Exp $ +$NetBSD: distinfo,v 1.4 2004/08/31 10:27:38 martti Exp $ -SHA1 (dropbear-0.42.tar.bz2) = 2b4f1e22af1dfaffdfe7fbcf75cb6b79b322efc3 -Size (dropbear-0.42.tar.bz2) = 1140348 bytes -SHA1 (patch-aa) = d1d4447366634c84082b9c0d737accbe9e80d823 +SHA1 (dropbear-0.43.tar.bz2) = 0bce83ad1a90b9b91e34d0c777f0d914516fd99d +Size (dropbear-0.43.tar.bz2) = 1140743 bytes +SHA1 (patch-aa) = 56bf56a3f1485a7395d6ff681b507950a5878345 diff --git a/security/dropbear/patches/patch-aa b/security/dropbear/patches/patch-aa index 6d57999826e..b4d4a2f87ac 100644 --- a/security/dropbear/patches/patch-aa +++ b/security/dropbear/patches/patch-aa @@ -1,10 +1,8 @@ -$NetBSD: patch-aa,v 1.3 2004/06/21 18:27:48 drochner Exp $ +$NetBSD: patch-aa,v 1.4 2004/08/31 10:27:38 martti Exp $ ---- Makefile.in.orig 2004-01-30 17:24:25.000000000 +0100 -+++ Makefile.in -@@ -61,12 +61,12 @@ install: all - $(INSTALL) -m 755 dropbearkey $(DESTDIR)$(bindir) - $(INSTALL) -m 755 dropbearconvert $(DESTDIR)$(bindir) +--- Makefile.in.orig 2004-01-30 18:24:25.000000000 +0200 ++++ Makefile.in 2004-08-31 13:22:04.000000000 +0300 +@@ -63,8 +63,8 @@ # chown might fail, so do it separately to the install - -chown root $(DESTDIR)$(sbindir)/dropbear - -chgrp 0 $(DESTDIR)$(sbindir)/dropbear @@ -19,5 +17,3 @@ $NetBSD: patch-aa,v 1.3 2004/06/21 18:27:48 drochner Exp $ + -chown ${ROOT_USER} $(DESTDIR)$(bindir)/dropbearconvert + -chgrp ${ROOT_GROUP} $(DESTDIR)$(bindir)/dropbearconvert - strip-static: static - -$(STRIP) staticdropbear |