Accepted dropbear 2022.83-1+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted dropbear 2022.83-1+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 31 Jan 2024 10:03:13 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: dropbear_2022.83-1+deb12u1_source.changes
- Debian-source: dropbear
- Debian-suite: proposed-updates
- Debian-version: 2022.83-1+deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=qkTOz55GpFPZik29p2ZS3bvHnyyMXt5o7DuxJA4SoIA=; b=XIglftDXP7HbNSNR9JoD1mkxiU x0LNjXrWThzSeOwxKDq0QyVIjI9yYNx+izxzzYirwHCcOXXdHOAZ72SPJJ9R9z2tmnz4IwXsnZPgL XABJcrZtZ/8Uv+PtdlKxgbhABOe8RWyi92wyzcJqqNhKanjtGwbEcGf38jZXfE0gTGtfTkUmqsS11 9JOUaW7F5Yn/SK1BoQOwVu1If7pmcPXvG6JDJXm4lJrUfP/CcAU82MwEHpKs3h6KVKDU1mC933ek+ q4sPYd9imoU09sVNTcGg7/tHrLH+ZB2ub8YTGifsvmqCIXqinFZaJyVe/VNpcSlqHb/Ui0+PzVR9G WtMKv6Lw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rV7R3-00FHkg-4H@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 26 Jan 2024 10:01:00 +0100
Source: dropbear
Architecture: source
Version: 2022.83-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1059001
Changes:
dropbear (2022.83-1+deb12u1) bookworm; urgency=medium
.
* Fix CVE-2023-48795: (terrapin attack): The SSH transport protocol with
certain OpenSSH extensions allows remote attackers to bypass integrity
checks such that some packets are omitted (from the extension negotiation
message), and a client and server may consequently end up with a
connection for which some security features have been downgraded or
disabled, aka a Terrapin attack. (Closes: #1059001)
Checksums-Sha1:
692f8b276888861da31b2ebf2f54f9c7b8d2b686 2614 dropbear_2022.83-1+deb12u1.dsc
97a18621ae57e9f7aa98ff5a6c0c4e4ce0c01d36 36860 dropbear_2022.83-1+deb12u1.debian.tar.xz
ef4a025fdbdc4ba93629288250f0b520b4afe73b 7504 dropbear_2022.83-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
d629523b1fb44942e9dc611bc00a6513cd0b60dda3a4cd916bae11832a74428a 2614 dropbear_2022.83-1+deb12u1.dsc
6bee1e383176908d5b6de4ccd503260404356b5cded6a78b5a7fa76e8c943e49 36860 dropbear_2022.83-1+deb12u1.debian.tar.xz
d0f7ec56c042101f632d1644249a728e7fda6e1c7af6e0e84060d8ef9d37d279 7504 dropbear_2022.83-1+deb12u1_amd64.buildinfo
Files:
06d68565eccc6fbec29c993295fcdd62 2614 net optional dropbear_2022.83-1+deb12u1.dsc
3c1c408a74a6228f1fb29559533e8e6d 36860 net optional dropbear_2022.83-1+deb12u1.debian.tar.xz
6ea7040c560daf5b2a7fbe151bb87247 7504 net optional dropbear_2022.83-1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmWzdUMACgkQ05pJnDwh
pVL4Aw//Yb2K/pAsrcfUB7ADfNOq0XmBmioxWlq3YUWoHgVkHgJZgxPMe9AkaKE9
6zGZqq/Bxm7zmX5w9D5kZeEDYeIItKLIsNHLJxTvyZeWu0KxprZs22ZcrebomkRJ
J+RfJ7TySAAR/L/cHkM3M+8KAq7JMnhFXHQRjUrcWcXekk/wDn4gg6xVihSqa+wQ
7uaxIAG6eIPiOPPsc7TKmXlE4BhnALeLR89iSm+Iwtm0SBNJy2P+37s0aEq7vegn
5cwqsYfLuymQEiWDMtXVa079NU6aCnlNsTfUDn83LC27RsBjNZdfvW0wY1ecaOze
MTkoXaKi7AICITiMa7VR7trXHgsW1W4azg54h4+IuqmNjv74qN/jIbsINcp1WLJB
uZg+ErAk1iVqVhmQJTHplkCB41HAJ0sNrIJ9OWMZKQUlZs0uDNANV5K8wujaLmGx
ca+WNhqhb3n+903An2SpluzcyKfuFoaF5xBQO84hcY6bi+VWImBB+ou2OSXyZ2yS
2Ih7vN5mt1JwUYMZ0SWcc8QavORnaqon1U2pfFn6Hcd0uRuOpHe64NZA9M0nDFUo
j4qEyO1kCidiRLRJu5aNOber8UaTF8yYjpDx2g4WGIG1ytkoYcEXavLvDmvOmD1X
rDeiKzgzObMuo/NBKRPW7CQtFVL5ozgcrOIG+3jx9O3j3fquRTk=
=YrjU
-----END PGP SIGNATURE-----