All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH][krogoth] dropbear: upgrade to 2016.72
@ 2016-09-14 12:34 Sona Sarmadi
  2016-09-14 20:26 ` akuster808
  0 siblings, 1 reply; 2+ messages in thread
From: Sona Sarmadi @ 2016-09-14 12:34 UTC (permalink / raw)
  To: openembedded-core

The upgrade addresses CVE-2016-3116:

- Validate X11 forwarding input. Could allow bypass of
  authorized_keys command= restrictions,
  found by github.com/tintinweb.
  Thanks for Damien Miller for a patch. CVE-2016-3116

References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-core/dropbear/dropbear_2015.71.bb | 5 -----
 meta/recipes-core/dropbear/dropbear_2016.72.bb | 4 ++++
 2 files changed, 4 insertions(+), 5 deletions(-)
 delete mode 100644 meta/recipes-core/dropbear/dropbear_2015.71.bb
 create mode 100644 meta/recipes-core/dropbear/dropbear_2016.72.bb

diff --git a/meta/recipes-core/dropbear/dropbear_2015.71.bb b/meta/recipes-core/dropbear/dropbear_2015.71.bb
deleted file mode 100644
index 6332579..0000000
--- a/meta/recipes-core/dropbear/dropbear_2015.71.bb
+++ /dev/null
@@ -1,5 +0,0 @@
-require dropbear.inc
-
-SRC_URI[md5sum] = "2ccc0a2f3e37ca221db12c5af6a88137"
-SRC_URI[sha256sum] = "376214169c0e187ee9f48ae1a99b3f835016ad5b98ede4bfd1cf581deba783af"
-
diff --git a/meta/recipes-core/dropbear/dropbear_2016.72.bb b/meta/recipes-core/dropbear/dropbear_2016.72.bb
new file mode 100644
index 0000000..1385efd
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear_2016.72.bb
@@ -0,0 +1,4 @@
+require dropbear.inc
+
+SRC_URI[md5sum] = "96226b82725a8cbecad9fc738930d1d2"
+SRC_URI[sha256sum] = "9323766d3257699fd7d6e7b282c5a65790864ab32fd09ac73ea3d46c9ca2d681"
-- 
1.9.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH][krogoth] dropbear: upgrade to 2016.72
  2016-09-14 12:34 [PATCH][krogoth] dropbear: upgrade to 2016.72 Sona Sarmadi
@ 2016-09-14 20:26 ` akuster808
  0 siblings, 0 replies; 2+ messages in thread
From: akuster808 @ 2016-09-14 20:26 UTC (permalink / raw)
  To: Sona Sarmadi, openembedded-core

On 9/14/16 5:34 AM, Sona Sarmadi wrote:
> The upgrade addresses CVE-2016-3116:
>
> - Validate X11 forwarding input. Could allow bypass of
>   authorized_keys command= restrictions,
>   found by github.com/tintinweb.
>   Thanks for Damien Miller for a patch. CVE-2016-3116

thanks,
I will pull this into my local staging to build. There is a krogoth-next
YP build underway I don't want to stop.

regards,
Armin
>
> References:
> https://matt.ucc.asn.au/dropbear/CHANGES
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116
>
> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
> ---
>  meta/recipes-core/dropbear/dropbear_2015.71.bb | 5 -----
>  meta/recipes-core/dropbear/dropbear_2016.72.bb | 4 ++++
>  2 files changed, 4 insertions(+), 5 deletions(-)
>  delete mode 100644 meta/recipes-core/dropbear/dropbear_2015.71.bb
>  create mode 100644 meta/recipes-core/dropbear/dropbear_2016.72.bb
>
> diff --git a/meta/recipes-core/dropbear/dropbear_2015.71.bb b/meta/recipes-core/dropbear/dropbear_2015.71.bb
> deleted file mode 100644
> index 6332579..0000000
> --- a/meta/recipes-core/dropbear/dropbear_2015.71.bb
> +++ /dev/null
> @@ -1,5 +0,0 @@
> -require dropbear.inc
> -
> -SRC_URI[md5sum] = "2ccc0a2f3e37ca221db12c5af6a88137"
> -SRC_URI[sha256sum] = "376214169c0e187ee9f48ae1a99b3f835016ad5b98ede4bfd1cf581deba783af"
> -
> diff --git a/meta/recipes-core/dropbear/dropbear_2016.72.bb b/meta/recipes-core/dropbear/dropbear_2016.72.bb
> new file mode 100644
> index 0000000..1385efd
> --- /dev/null
> +++ b/meta/recipes-core/dropbear/dropbear_2016.72.bb
> @@ -0,0 +1,4 @@
> +require dropbear.inc
> +
> +SRC_URI[md5sum] = "96226b82725a8cbecad9fc738930d1d2"
> +SRC_URI[sha256sum] = "9323766d3257699fd7d6e7b282c5a65790864ab32fd09ac73ea3d46c9ca2d681"




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-09-14 20:27 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-14 12:34 [PATCH][krogoth] dropbear: upgrade to 2016.72 Sona Sarmadi
2016-09-14 20:26 ` akuster808

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.