Back to dropbear PTS page

Accepted dropbear 2020.81-3+deb11u1 (source) into oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted dropbear 2020.81-3+deb11u1 (source) into oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 02 Feb 2024 15:32:37 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: dropbear_2020.81-3+deb11u1_source.changes
Debian-source: dropbear
Debian-suite: oldstable-proposed-updates
Debian-version: 2020.81-3+deb11u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=ceIAK0v/8iRo3TjMjOk3ZCiH9ke46QBudWfI05UQJ1I=; b=nrE888VphMxTQKV0WjcvxJR+b/ eoPLOLKb/paH5pAuoNsPCSx5dXOThIKDVqBZQuF2pQuQzQCJLbaSTYRbJtKjRTPQvblEQ0Yy4RYjZ 38GOlptxhHXLMRTZ4eVaa71+RKhcPenA31IpHeIbd2EIZ7zZUUzfJyCLcLtKluXzbyN4Ux77ptm1/ HwLOwqM2yYYxBW1xLIlgV3qUKOSo4EIDqI8RaM+f8fzNmgc3zGaDY5JfrpHFVsrE5qe7XSktpvoj5 AWEMxDJUliHJB364HCGMI42adVTSxnyR2YVPJVkIQ7Le9Vf+OQWx7CK96C3MV22WKOkhW3D1IRlj+ OLu2SCXg==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1rVvWv-00BdnC-M8@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 26 Jan 2024 12:00:26 +0100
Source: dropbear
Architecture: source
Version: 2020.81-3+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1059001
Changes:
 dropbear (2020.81-3+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2021-36369: Due to a non-RFC-compliant check of the available
     authentication methods in the client-side SSH code, it is possible for an
     SSH server to change the login process in its favor.
   * Fix CVE-2023-48795 (terrapin attack): The SSH transport protocol with
     certain OpenSSH extensions allows remote attackers to bypass integrity
     checks such that some packets are omitted (from the extension negotiation
     message), and a client and server may consequently end up with a
     connection for which some security features have been downgraded or
     disabled, aka a Terrapin attack. (Closes: #1059001)
   * d/t/on-lvm-and-luks: Target bullseye not sid.
   * d/t/on-lvm-and-luks: Bump disk image size to 4G as the previous size was
     too small for bullseye-security updates (kernel etc.).
   * Salsa CI: Target bullseye and disable lintian job.
Checksums-Sha1:
 d37b4e556d9af8ca31ecdc5fcf7d4fda1e99ff40 2594 dropbear_2020.81-3+deb11u1.dsc
 01acc5fb4dccb222036fc897336f4a917855e6da 34952 dropbear_2020.81-3+deb11u1.debian.tar.xz
 ce8c73faeecc1d34f8753e93eaabecbb6f26e1e7 7448 dropbear_2020.81-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
 7641e4fbc28085e9fc66d0e01cb88b9f3ef6d2f54f098d185d13f4e556c7f705 2594 dropbear_2020.81-3+deb11u1.dsc
 4fab0450874730a0a5cfb0043fdf51e6a652310146ca5df59d1b0dad3b448862 34952 dropbear_2020.81-3+deb11u1.debian.tar.xz
 3b7a0d5da13cee7e578a154e21dae2be2810b2501afcfa9bc38194f9831d8f3c 7448 dropbear_2020.81-3+deb11u1_amd64.buildinfo
Files:
 1d5b7a44e5dbf2bddf01c35c8aa0018c 2594 net optional dropbear_2020.81-3+deb11u1.dsc
 25e67aeccd7e77a54f44e72ebbbb13f9 34952 net optional dropbear_2020.81-3+deb11u1.debian.tar.xz
 d40b85117e754a95a9eab55830aef1e7 7448 net optional dropbear_2020.81-3+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmWzkP4ACgkQ05pJnDwh
pVJSfBAAv1bqXJw7u54Rw1SgIWPo74slK9z3xD0WFijCvHsfMJS1lUBfY2lop7XC
4vZLaV55q3WLhTBcE5kF8rrssnSjK19v7+4aqLgZIe2T+PE7hClWODTWVktKUv2c
1JBqsjtqvc98HA3S9893qxxlEVrkB8U7I2LskUsKyNcmEiOl/EKVWp6D/w5Iomf6
6EgC0WDFR0Jb7yAU1ex7A3TumQ4Zh5N59na9ZYQm5E6VJ+iLeQ49xKmSf3M/4eo5
VmMIZngxpOxUo8a524jhzMUM0RMYGofLLDrqKdbwh3mVHxlcTHlLov1gAxE/s4Pr
iZlpJLgW1OvMm6bv5gB3qzX8WZxFtPsVVYURoesvlE6AUm2c7qmJgX7+OCITCZwM
mcIyRNy2kVW0KF0C6ZzLru2YSKliEUVIVoseUdV9xUnNsqiK8nh5b3FSBUfAQHii
a4w5ARHwSJ0624KO5M+KFUkbo3Ynsj9Jth8Ozrmxty1MyEYdPLR7HP9Pl4zOdEIA
Kl3XD927v2o2NiflXmuBAA6VPtC8uvQDNvY8sbax6gmwPWvAQuyVN5UnPVoMxtiR
Tvys9VlKxs8OsyvJGod6rENJFIWvKJzl7S+U8/g4P2KiVnmtubQ1WwVmxX3ly68f
eue0p7qpWavqYOYdu1sGHk5kryzqgjxmmXy0exYpHiSfqHPrtzU=
=KUjL
-----END PGP SIGNATURE-----