[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted dropbear 2022.83-1+deb12u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 26 Jan 2024 10:01:00 +0100
Source: dropbear
Architecture: source
Version: 2022.83-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1059001
Changes:
 dropbear (2022.83-1+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-48795: (terrapin attack): The SSH transport protocol with
     certain OpenSSH extensions allows remote attackers to bypass integrity
     checks such that some packets are omitted (from the extension negotiation
     message), and a client and server may consequently end up with a
     connection for which some security features have been downgraded or
     disabled, aka a Terrapin attack. (Closes: #1059001)
Checksums-Sha1:
 692f8b276888861da31b2ebf2f54f9c7b8d2b686 2614 dropbear_2022.83-1+deb12u1.dsc
 97a18621ae57e9f7aa98ff5a6c0c4e4ce0c01d36 36860 dropbear_2022.83-1+deb12u1.debian.tar.xz
 ef4a025fdbdc4ba93629288250f0b520b4afe73b 7504 dropbear_2022.83-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
 d629523b1fb44942e9dc611bc00a6513cd0b60dda3a4cd916bae11832a74428a 2614 dropbear_2022.83-1+deb12u1.dsc
 6bee1e383176908d5b6de4ccd503260404356b5cded6a78b5a7fa76e8c943e49 36860 dropbear_2022.83-1+deb12u1.debian.tar.xz
 d0f7ec56c042101f632d1644249a728e7fda6e1c7af6e0e84060d8ef9d37d279 7504 dropbear_2022.83-1+deb12u1_amd64.buildinfo
Files:
 06d68565eccc6fbec29c993295fcdd62 2614 net optional dropbear_2022.83-1+deb12u1.dsc
 3c1c408a74a6228f1fb29559533e8e6d 36860 net optional dropbear_2022.83-1+deb12u1.debian.tar.xz
 6ea7040c560daf5b2a7fbe151bb87247 7504 net optional dropbear_2022.83-1+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmWzdUMACgkQ05pJnDwh
pVL4Aw//Yb2K/pAsrcfUB7ADfNOq0XmBmioxWlq3YUWoHgVkHgJZgxPMe9AkaKE9
6zGZqq/Bxm7zmX5w9D5kZeEDYeIItKLIsNHLJxTvyZeWu0KxprZs22ZcrebomkRJ
J+RfJ7TySAAR/L/cHkM3M+8KAq7JMnhFXHQRjUrcWcXekk/wDn4gg6xVihSqa+wQ
7uaxIAG6eIPiOPPsc7TKmXlE4BhnALeLR89iSm+Iwtm0SBNJy2P+37s0aEq7vegn
5cwqsYfLuymQEiWDMtXVa079NU6aCnlNsTfUDn83LC27RsBjNZdfvW0wY1ecaOze
MTkoXaKi7AICITiMa7VR7trXHgsW1W4azg54h4+IuqmNjv74qN/jIbsINcp1WLJB
uZg+ErAk1iVqVhmQJTHplkCB41HAJ0sNrIJ9OWMZKQUlZs0uDNANV5K8wujaLmGx
ca+WNhqhb3n+903An2SpluzcyKfuFoaF5xBQO84hcY6bi+VWImBB+ou2OSXyZ2yS
2Ih7vN5mt1JwUYMZ0SWcc8QavORnaqon1U2pfFn6Hcd0uRuOpHe64NZA9M0nDFUo
j4qEyO1kCidiRLRJu5aNOber8UaTF8yYjpDx2g4WGIG1ytkoYcEXavLvDmvOmD1X
rDeiKzgzObMuo/NBKRPW7CQtFVL5ozgcrOIG+3jx9O3j3fquRTk=
=YrjU
-----END PGP SIGNATURE-----


Reply to: