dropbear (2014.65-1+deb8u2) stable-security; urgency=high * Backport security fixes from 2017.75 (closes: #862970): - Fix double-free in server TCP listener cleanup A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (Allow connections to forwarded ports from any host) This could potentially allow arbitrary code execution as root by an authenticated user. - Fix information disclosure with ~/.ssh/authorized_keys symlink. Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys A user could symlink their ~/.ssh/authorized_keys to a root-owned file they couldn't normally read. If they managed to get that file to contain valid authorized_keys with command= options it might be possible to read other contents of that file. This information disclosure is to an already authenticated user. -- Guilhem Moulin Fri, 19 May 2017 12:47:40 +0200 dropbear (2014.65-1+deb8u1) stable; urgency=medium * New maintainer. * Backport security fix from 2016.72: If X11 forwarding is enabled a user could bypass any "command=" restrictions in authorized_keys and run any command as their own user (CVE-2016-3116). * Backport security fixes from 2016.74: - Message printout was vulnerable to format string injection (CVE-2016-7406). - dropbearconvert import of OpenSSH keys could run arbitrary code as the local dropbearconvert user when parsing malicious key files (CVE-2016-7407). - dbclient could run arbitrary code as the local dbclient user if particular -m or -c arguments are provided (CVE-2016-7408). -- Guilhem Moulin Tue, 04 Apr 2017 22:15:20 +0200 dropbear (2014.65-1) unstable; urgency=low [ Matt Johnston ] * New upstream release (closes: #757780). [ Gerrit Pape ] * debian/diff/0003-options.h-use-usr-bin-xauth-instead-of...diff: remove; applied upstream. * debian/control: Standards-Version: 3.9.5.0. -- Gerrit Pape Mon, 11 Aug 2014 20:50:11 +0000 dropbear (2014.64-1) unstable; urgency=low [ Matt Johnston ] * New upstream release (closes: #748826, #756561).. [ Gerrit Pape ] * debian/diff/: update. * debian/initramfs/premount-devpts: apply patch from https://launchpadlibrarian.net/107177971/dropbear_lp933903_precise_1.debdiff: duplicate mount /dev/pts in initramfs (thx Mario 'BitKoenig' Holbe, Guy Roussin, closes: #632656). * debian/dropbear.postinst: apply patch from Karl O. Pinc: dropbear's cryptroot setup does not use the system's host keys (closes: #714899). * debian/initramfs/dropbear-hook: apply patch from Karl O. Pinc: There is no warning when the cryptroot host key differs from the regular host key (closes: #714900). * debian/dropbear.postrm: apply patch from Karl O. Pinc: dropbear does not remove initramfs host keys on package purge (closes: #714945). * debian/initramfs/premount-dropbear: apply half of patch from Robert.Heinzmann: allow option specification for dropbear in /etc/initramfs-tools/initramfs.conf (closes: #614981). * debian/dropbear.conffiles: add /usr/share/initramfs-tools/conf-hooks.d/dropbear (thx Karl O. Pinc, closes: #715047). * debian/rules: apply patch from Matthias Klose: please allow the package to cross build (closes: #729845). -- Gerrit Pape Fri, 01 Aug 2014 12:44:51 +0000 dropbear (2013.60-1) unstable; urgency=low [ Matt Johnston ] * New upstream release. [ Gerrit Pape ] * debian/diff/0004-cve-2013-4421.diff, 0005-user-disclosure.diff: remove; fixed upstream. * debian/dropbear.postinst: don't fail if initramfs-tools it not installed (closes: #692653). -- Gerrit Pape Fri, 25 Oct 2013 15:00:48 +0000 dropbear (2012.55-1.4) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix cve-2013-4421: memory exhaustion issue (closes: #726019). * Fix timing delays that may reveal whether a user account is valid (closes: #726118). -- Michael Gilbert Wed, 16 Oct 2013 03:29:42 +0000 dropbear (2012.55-1.3) unstable; urgency=medium * Non-maintainer upload. * Fix initramfs hook when multiple variant of libc are installed. All credits due to Helmut Grohne for the report and the solution. (Closes: #682964) -- Jérémy Bobbio Thu, 08 Nov 2012 10:45:01 +0100 dropbear (2012.55-1.2) unstable; urgency=low * Non-maintainer upload. * Unbreak initramfs hook when upgrading from Squeeze. -- Jérémy Bobbio Tue, 25 Sep 2012 16:53:18 +0200 dropbear (2012.55-1.1) unstable; urgency=low * Non-maintainer upload. * Adjust initramfs hook to work with multi-arch. Initial patch by Michael Stapelberg. (Closes: #630581) -- Jérémy Bobbio Tue, 25 Sep 2012 09:17:06 +0200 dropbear (2012.55-1) unstable; urgency=high * New upstream release. * Fix use-after-free bug that could be triggered if command="..." authorized_keys restrictions are used. Could allow arbitrary code execution or bypass of the command="..." restriction to an authenticated user. This bug affects releases 0.52 onwards. Ref CVE-2012-0920 (closes: #661150). Thanks to Danny Fullerton of Mantor Organization for reporting the bug. -- Gerrit Pape Mon, 27 Feb 2012 14:18:53 +0000 dropbear (2011.54-1) unstable; urgency=low [ Matt Johnston ] * new upstream release. * Added ALLOW_BLANK_PASSWORD option. Dropbear also now allows public key logins to accounts with a blank password. Thanks to Rob Landley (closes: #555889). * Bind to sockets with IPV6_V6ONLY so that it works properly on systems regardless of the system-wide setting (closes: #636696). [ Gerrit Pape ] * debian/control: Standards-Version: 3.9.2.0. -- Gerrit Pape Wed, 16 Nov 2011 12:36:03 +0000 dropbear (0.53.1-1) unstable; urgency=low [ Matt Johnston ] * New upstream release. * SSH_ORIGINAL_COMMAND environment variable is set by the server when an authorized_keys command is specified (closes: #604524). [ Gerrit Pape ] * debian/rules: add --enable-bundled-libtom option to ./configure. * debian/rules: remove -DXAUTH_COMMAND="/usr/bin/X11/xauth -q from CFLAGS (workaround ./configure stupidity; closes: #625192). * debian/diff/0003-options.h-use-usr-bin-xauth-instead-of...diff: new; use /usr/bin/xauth instead of /usr/bin/X11/xauth for XAUTH_COMMAND (closes: #614355). -- Gerrit Pape Mon, 02 May 2011 16:35:14 +0000 dropbear (0.52-5) unstable; urgency=low [ debian@x.ray.net ] * debian/dropbear.postinst: initramfs-tools uses a conf-hooks.d/ directory for mkinitramfs ('compiletime') configuration, so to be sure to read the whole/correct config we need to source the files in there too, additionally to initramfs.conf (closes: #575504). * debian/initramfs/dropbear-conf: set UMASK=0077 (closes: #578117). [ Gerrit Pape ] * debian/control: Standards-Version: 3.8.4.0. -- Gerrit Pape Sun, 18 Apr 2010 23:04:36 +0000 dropbear (0.52-4) unstable; urgency=low * debian/initramfs/dropbear-hook: allow more than one public key in initramfs (thx Chris for the patch; closes: #548309). -- Gerrit Pape Tue, 06 Oct 2009 01:51:42 +0000 dropbear (0.52-3) unstable; urgency=low * debian/rules: configure: add XAUTH_COMMAND="/usr/bin/X11/xauth -q" to CFLAGS (thx Axel Beckert, Colin Watson; closes: #532900). * debian/dropbear.init: Improve abort messages due to /etc/default/dropbear::NO_START (thx Jari Aalto for the patch; closes: #541432). * debian/control: Provides: ssh-server (thx Steffen Moeller; closes: #543174) * debian/control: Suggests: xauth (thx Francis Russell; closes: #508233). -- Gerrit Pape Thu, 24 Sep 2009 14:37:17 +0000 dropbear (0.52-2) unstable; urgency=medium * debian/initramfs/premount-dropbear: run configure_networking in the background (thx debian@x.ray.net, closes: #514213, #524728). * debian/control: Standards-Version: 3.8.2.0. -- Gerrit Pape Sun, 28 Jun 2009 23:22:39 +0000 dropbear (0.52-1) unstable; urgency=low [ Matt Johnston ] * New upstream release. * dbclient.1: mention optional 'command' argument (closes: #495823). [ Gerrit Pape ] * debian/diff/0001-dbclient.1-dbclient-uses-compression-if...diff: new; dbclient.1: dbclient uses compression if compiled with zlib support (thx Luca Capello, closes: #495825). * debian/initramfs/*: new; cryptroot remote unlocking on boot feature (thx debian@x.ray.net). * debian/rules: install debian/initramfs/* (thx debian@x.ray.net). * debian/control: Suggests: udev (for cryptroot support, thx debian@x.ray.net). * debian/dropbear.postinst: conditionally run update-initramfs -u (for cryptroot support, thx debian@x.ray.net. closes: #465903). * debian/diff/0002-dropbearkey.8-mention-y-option-add-example.diff: new; mention -y option, add example (thx debian@x.ray.net). -- Gerrit Pape Wed, 19 Nov 2008 20:58:59 +0000 dropbear (0.51-1) unstable; urgency=low [ Matt Johnston ] * New upstream release. - Wait until a process exits before the server closes a connection, so that an exit code can be sent. This fixes problems with exit codes not being returned, which could cause scp to fail (closes: #448397, #472483). [ Gerrit Pape ] * debian/dropbear.postinst: don't print an error message if the update-service program is not installed (thx Matt). -- Gerrit Pape Thu, 27 Mar 2008 20:08:06 +0000 dropbear (0.50-4) unstable; urgency=low * debian/dropbear.init: apply patch from Petter Reinholdtsen: add LSB formatted dependency info in init.d script (closes: #466257). * debian/rules: no longer include symlinks for ./supervise/ subdirectories. * debian/dropbear.postinst: upgrade from << 0.50-4: if dropbear is managed by runit, remove service, and re-add using update-service(8). * debian/control: Standards-Version: 3.7.3.0. * debian/rules: target clean: don't ignore errors but check for readable ./Makefile. -- Gerrit Pape Thu, 06 Mar 2008 19:06:58 +0000 dropbear (0.50-3) unstable; urgency=low * debian/dropbear.init: use the update-service(8) program from the runit package instead of directly checking for the symlink in /var/service/. * debian/README.runit: talk about update-service(8) instead of symlinks in /var/service/. -- Gerrit Pape Fri, 15 Feb 2008 00:32:37 +0000 dropbear (0.50-2) unstable; urgency=low * debian/dropbear.README.Debian: no longer talk about entropy from /dev/random, /dev/urandom is now used by default (thx Joey Hess, closes: #441515). -- Gerrit Pape Mon, 24 Sep 2007 16:49:17 +0000 dropbear (0.50-1) unstable; urgency=low * debian/README.runit: minor. * new upstream version. * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff: remove; fixed upstream. -- Gerrit Pape Thu, 09 Aug 2007 23:01:01 +0000 dropbear (0.49-2) unstable; urgency=low * debian/rules: apply diffs from debian/diff/ with patch -p1 instead of -p0. * debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff: new; options.h: use /dev/urandom instead of /dev/random as DROPBEAR_RANDOM_DEV (closes: #386976). * debian/rules: target clean: remove libtomcrypt/Makefile, libtommath/Makefile. -- Gerrit Pape Sat, 09 Jun 2007 08:59:59 +0000 dropbear (0.49-1) unstable; urgency=high * new upstream release, fixes * CVE-2007-1099: dropbear dbclient insufficient warning on hostkey mismatch (closes: #412899). * dbclient uses static "Password:" prompt instead of using the server's prompt (closes: #394996). * debian/control: Suggests: openssh-client, not ssh (closes: #405686); Standards-Version: 3.7.2.2. * debian/README.Debian: ssh -> openssh-server, openssh-client; remove 'Replacing OpenSSH "sshd" with Dropbear' part, this is simply done by not installing the openssh-server package. * debian/README.runit: runsvstat -> sv status. -- Gerrit Pape Fri, 2 Mar 2007 20:48:18 +0000 dropbear (0.48.1-1) unstable; urgency=medium * new upstream point release. * Compile fix for scp * debian/diff/dbclient.1.diff: new: document -R option to dbclient accurately (thx Markus Schaber; closes: #351882). * debian/dropbear.README.Debian: document a workaround for systems with possibly blocking /dev/random device (closes: #355414).. -- Gerrit Pape Sun, 16 Apr 2006 16:16:40 +0000 dropbear (0.48-1) unstable; urgency=medium * New upstream release. * SECURITY: Improve handling of denial of service attempts from a single IP. * debian/implicit: update to revision 1.11. * new upstream release updates to scp from OpenSSH 4.3p2 - fixes a security issue where use of system() could cause users to execute arbitrary code through malformed filenames; CVE-2006-0225 (see also #349645); the scp binary is not provided by this package though. -- Gerrit Pape Fri, 10 Mar 2006 22:00:32 +0000 dropbear (0.47-1) unstable; urgency=high * New upstream release. * SECURITY: Fix incorrect buffer sizing; CVE-2005-4178. -- Matt Johnston Thu, 8 Dec 2005 19:20:21 +0800 dropbear (0.46-2) unstable; urgency=low * debian/control: Standards-Version: 3.6.2.1; update descriptions to mention included server and client (thx Tino Keitel). * debian/dropbear.init: allow '/etc/init.d/dropbear stop' even though 'NO_START is not set to zero.' (closes: #336723). -- Gerrit Pape Tue, 6 Dec 2005 13:30:49 +0000 dropbear (0.46-1) unstable; urgency=medium * New upstream release, various fixes. * debian/diff/dbclient-usage-typo.diff, debian/diff/manpages.diff: remove; obsolete. * debian/dbclient.1: move to ./dbclient.1. -- Matt Johnston Fri, 8 July 2005 21:32:55 +0800 dropbear (0.45-3) unstable; urgency=low * debian/dropbear.init: init script prints human readable message in case it's disabled (closes: #309099). * debian/dropbear.postinst: configure: restart service through init script instead of start. * debian/dropbear.prerm: set -u -> set -e. -- Gerrit Pape Wed, 25 May 2005 22:38:17 +0000 dropbear (0.45-2) unstable; urgency=low * Matt Johnston: * New upstream release, various fixes. -- Gerrit Pape Sat, 12 Mar 2005 15:17:55 +0000 dropbear (0.44-1) unstable; urgency=low * New upstream release. * debian/rules: install /usr/bin/dbclient; handle possible patches more gracefully; install debian/dbclient.1 man page; enable target patch; minor. * debian/implicit: update to revision 1.10. * debian/dbclient.1: new; man page. * debian/diff/dbclient-usage-typo.diff: new; fix typo. * debian/diff/manpages.diff: new; add references to dbclient man page. -- Gerrit Pape Sat, 8 Jan 2005 22:50:43 +0000 dropbear (0.43-2) unstable; urgency=high * Matt Johnston: * New upstream release 0.43 * SECURITY: Don't attempt to free uninitialised buffers in DSS verification code * Handle portforwarding to servers which don't send any initial data (Closes: #258426) * debian/dropbear.postinst: remove code causing bothersome warning on package install (closes: #256752). * debian/README.Debian.diet: new; how to build with the diet libc. * debian/dropbear.docs: add debian/README.Debian.diet. * debian/rules: support "diet" in DEB_BUILD_OPTIONS; minor cleanup. -- Gerrit Pape Sat, 17 Jul 2004 19:31:19 +0000 dropbear (0.42-1) unstable; urgency=low * New upstream release 0.42. * debian/diff/cvs-20040520.diff: remove; obsolete. * debian/rules: disable target patch. -- Matt Johnston Wed, 16 June 2004 12:44:54 +0800 dropbear (0.41-3) unstable; urgency=low * 1st upload to the Debian archive (closes: #216553). * debian/diff/cvs-20040520.diff: new; stable cvs snapshot. * debian/rules: new target patch: apply diffs in debian/diff/, reverse apply in target clean; install man pages. * debian/control: Priority: optional. -- Gerrit Pape Sun, 23 May 2004 08:32:37 +0000 dropbear (0.41-2) unstable; urgency=low * new maintainer. * debian/control: no longer Build-Depends: debhelper; Build-Depends: libz-dev; Standards-Version: 3.6.1.0; Suggests: runit; update descriptions. * debian/rules: stop using debhelper, use implicit rules; cleanup; install dropbearconvert into /usr/lib/dropbear/. * debian/impicit: new; implicit rules. * debian/copyright.in: adapt. * debian/dropbear.init: minor adaptions; test for dropbear service directory. * debian/README.runit: new; how to use dropbear with runit. * debian/README.Debian, debian/docs: rename to debian/dropbear.*. * debian/dropbear.docs: add debian/README.runit * debian/conffiles: rename to debian/dropbear.conffiles; add init script, and run scripts. * debian/postinst: rename to debian/dropbear.postinst; adapt; use invloke-rc.d dropbear start. * debian/dropbear.prerm: new; invoke-rc.d dropbear stop. * debian/postrm: rename to debian/dropbear.postrm; adapt; clean up service directories. * debian/compat, debian/dirs, dropbear.default: remove; obsolete. -- Gerrit Pape Sun, 16 May 2004 16:50:55 +0000 dropbear (0.41-1) unstable; urgency=low * Updated to 0.41 release. * Various minor fixes -- Matt Johnston Mon, 19 Jan 2004 23:20:54 +0800 dropbear (0.39-1) unstable; urgency=low * updated to 0.39 release. Some new features, some bugfixes. -- Matt Johnston Tue, 16 Dec 2003 16:20:54 +0800 dropbear (0.38-1) unstable; urgency=medium * updated to 0.38 release - various important bugfixes -- Matt Johnston Sat, 11 Oct 2003 16:28:54 +0800 dropbear (0.37-1) unstable; urgency=medium * updated to 0.37 release - various important bugfixes -- Matt Johnston Wed, 24 Sept 2003 19:43:54 +0800 dropbear (0.36-1) unstable; urgency=high * updated to 0.36 release - various important bugfixes -- Matt Johnston Tues, 19 Aug 2003 12:20:54 +0800 dropbear (0.35-1) unstable; urgency=high * updated to 0.35 release - contains fix for remotely exploitable vulnerability. -- Matt Johnston Sun, 17 Aug 2003 05:37:47 +0800 dropbear (0.34-1) unstable; urgency=medium * updated to 0.34 release -- Matt Johnston Fri, 15 Aug 2003 15:10:00 +0800 dropbear (0.33-1) unstable; urgency=medium * updated to 0.33 release -- Matt Johnston Sun, 22 Jun 2003 22:22:00 +0800 dropbear (0.32cvs-1) unstable; urgency=medium * now maintained in UCC CVS * debian/copyright.in file added, generated from LICENSE -- Grahame Bowland Tue, 21 Jun 2003 17:57:02 +0800 dropbear (0.32cvs-1) unstable; urgency=medium * sync with CVS * fixes X crash bug -- Grahame Bowland Tue, 20 Jun 2003 15:04:47 +0800 dropbear (0.32-2) unstable; urgency=low * fix creation of host keys to use correct names in /etc/dropbear * init script "restart" function fixed * purging this package now deletes the host keys and /etc/dropbear * change priority in debian/control to 'standard' -- Grahame Bowland Tue, 17 Jun 2003 15:04:47 +0800 dropbear (0.32-1) unstable; urgency=low * Initial Release. -- Grahame Bowland Tue, 17 Jun 2003 15:04:47 +0800