[SECURITY] [DLA 948-1] dropbear security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 948-1] dropbear security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 21 May 2017 22:56:53 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1705212254360.1645@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : dropbear
Version        : 2012.55-1.3+deb7u2
CVE ID         : CVE-2017-9079

A vulnerability was found in Dropbear, a lightweight SSH2 server
and client.

CVE-2017-9079

    Jann Horn discovered a local information leak in parsing the
    .authorized_keys file.


For Debian 7 "Wheezy", this problem has been fixed in version
2012.55-1.3+deb7u2.

We recommend that you upgrade your dropbear packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZIf8WXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHdE4QAIK8YElkoMPIKgv5GoPv/HGF
EWxxR3m+TaqeoMM5VOczaXP7IQZCXqE1FQsaUpw2FP8N/ygJWLH1bSnG7XXxc27i
AxwHBIaYWhHB8w2mE4xpWruOM3zMmjCm4s1rWWk1AHTrMNF6bZv7r8KFRuqWdNUk
C9xaUBxk0WnEmwMEN0borySAGJzM3K4Va+Ebd2Zjyw20R5LHzEr/k6vN2BoF4k2j
yjtCgSc9GhwLzg2WLi35mbiWYrQ9zrtM0hB5upeJJiviwz+5phOECWAaABtV6Vv+
qzxIyzjlx8I/8zJ5GhRv1pJ8HtAFqPJV25eZ26V21XXykKPKD+8tcSSUQIlcgq7J
TRLYUq+ZDFe0hDsTfcVvNvqXUKcH3nvFxw/hv0MUyMa4BjxgUjZ38Ab29mGEMTBM
ilPCYTlsELBvwGFgy6GfIOeFhNFXCOn07PuZSF6GO4fhBohmRJ/zNSVG5oxxkR4s
N8DD4owYT75tCy8xltB+QDbwg5Rv/ARM1HgrsCPEM1+f+kzLMN7opswIOCdG8vo+
W7F67YD9rAoDqelbdWgjCbq4YiHzwfEoDAIrtCMujHj7Cd+OX1e2QaDErcPXPYJU
ROFhtr2Kobt5TGCDRWKj2NhYMYVDpl+/dLTCpmAPx9hAIAYUJZDSu5IWEy2R+lO8
ZkrFBGNfYIb9gcfGWlbi
=qy9f
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 947-1] icu security update
Next by Date: [SECURITY] [DLA 949-1] miniupnpc security update
Previous by thread: [SECURITY] [DLA 947-1] icu security update
Next by thread: [SECURITY] [DLA 949-1] miniupnpc security update
Index(es):
- Date
- Thread