Accepted dropbear 2018.76-5+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 06 Apr 2022 20:54:24 +0200
Source: dropbear
Architecture: source
Version: 2018.76-5+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1009062
Changes:
dropbear (2018.76-5+deb10u1) buster; urgency=medium
.
* Backport security fix for CVE-2019-12953: Inconsistent failure delay that
may lead to revealing valid usernames. The fix limits password length to
100 bytes. (Closes: #1009062.)
Cherry-picked from https://hg.ucc.asn.au/dropbear/rev/228b086794b7 .
* d/gbp.conf: Set debian-branch = debian/buster.
Checksums-Sha1:
82c7513621952e7a84ed655f288e7ec323fbbfb1 2429 dropbear_2018.76-5+deb10u1.dsc
21b731d07602c1f3eedaea64e1aaa1f30d2e50ff 25336 dropbear_2018.76-5+deb10u1.debian.tar.xz
fb1cabce297150a35f6e5d3d00a6487aa21a8b23 6961 dropbear_2018.76-5+deb10u1_amd64.buildinfo
Checksums-Sha256:
b5418c15c18287c95eca10d372a45583559961bfcdc0eb569e846f8ee59a400c 2429 dropbear_2018.76-5+deb10u1.dsc
8a0a9924a8fdc990a4e7f32168fb5b6265a81a57f201ee539e712ee9c5d5967d 25336 dropbear_2018.76-5+deb10u1.debian.tar.xz
9aed4d8a3308f8ebf345ff2d1b97efb80931ee488f61011c5080c686b9b8d67d 6961 dropbear_2018.76-5+deb10u1_amd64.buildinfo
Files:
94dc61ba995f511f373a6820ee30ada3 2429 net optional dropbear_2018.76-5+deb10u1.dsc
ad101b6a852479465e7722efedbc5f64 25336 net optional dropbear_2018.76-5+deb10u1.debian.tar.xz
95e85b6f918f165469a5d88f6f6bcf90 6961 net optional dropbear_2018.76-5+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmJN4lEACgkQ05pJnDwh
pVIuphAAk3/M/BwHcGn7BfYiL03o8j8whVV3ygp3aDirwd+g2ZG3AH4Q1Mog/Icw
6FgX4DA7at+jOPcCaOiaHP6vXkh1dtGBsTP5qKupeUG94vODwqWGUFWc11e4jTMo
LleVG4EwhyhEn1okn7z2ysQn4eJCpJ7PG7omlfUFAs0rDPqg8k26N6/cSA0JsCYF
qqVE9IKyYBPwMkdByATlKFhShfVQH84EUMKXBYQPpGYcfy6EBKN4gA64iBs+1J6A
CZPrjL03cxJOWIpjRYx6htMjkIFH8K6Rpc3wmzUzY73s+3fv6BHOSCFvws7ZH+fk
wytlB008NdNyhBX87CzFkjv+WaiVE02oUdupQP8ICFkM+jBozNR1j3ghWYw3W/ms
V2n9RscK2/DfWYt+MgcPaSNDMsxrRQQD+/CtYHiJdyA39x0WMyXLGjNaEwPiJoSn
7wDyFMLRIyWr0uuk2zOlwTKcJwSXz/w9sCm90Y5GHnY41dU4xbk85vRp7mI5vyCe
tmX8UI6eebOarKSTwMGFxqE6rqgb8qwLqAxHJW8PRMd2O3l46JBRhMY7E9oCac/U
Rxqdl5X6BCSxILU8doFCfAZQyDtE1w6wM93CnA3BUfH7fvpyYbtJLin+cBYSEvP9
a7R4QL2UwSnIiHGjFl8AhTf7bqSa5vviJLvTS8smn0163I3V2pU=
=24KL
-----END PGP SIGNATURE-----
Reply to: