summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Korsgaard <jacmet@sunsite.dk>2012-02-24 13:11:16 (GMT)
committer Peter Korsgaard <jacmet@sunsite.dk>2012-02-24 13:11:16 (GMT)
commit086bdfd378a0eeb85fc18fa7c05fdff64d1a3bea (patch)
treeb50314169d8d2955b1020827d9ba1a81878397a1
parent3d6ff4f5271f6b5c139ffd226b6ab6c90d2a81aa (diff)
downloadbuildroot-086bdfd378a0eeb85fc18fa7c05fdff64d1a3bea.tar.gz
buildroot-086bdfd378a0eeb85fc18fa7c05fdff64d1a3bea.tar.bz2
dropbear: bump version, fixes CVE-2012-0920
From the release notes: Security: Fix use-after-free bug that could be triggered if command="..." authorized_keys restrictions are used. Could allow arbitrary code execution or bypass of the command="..." restriction to an authenticated user. Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
-rw-r--r--package/dropbear/dropbear-2011.54-no-ipv6.patch18
-rw-r--r--package/dropbear/dropbear.mk2
2 files changed, 1 insertions, 19 deletions
diff --git a/package/dropbear/dropbear-2011.54-no-ipv6.patch b/package/dropbear/dropbear-2011.54-no-ipv6.patch
deleted file mode 100644
index 4ee9aaa..0000000
--- a/package/dropbear/dropbear-2011.54-no-ipv6.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Check for IPV6_TCLASS instead of IPPROTO_IPV6 since
-it's present on non-IPv6 enabled toolchains too.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
----
-
-diff -Nura dropbear-2011.54.orig/dbutil.c dropbear-2011.54/dbutil.c
---- dropbear-2011.54.orig/dbutil.c 2011-11-08 09:48:15.000000000 -0300
-+++ dropbear-2011.54/dbutil.c 2011-11-09 12:14:59.430074138 -0300
-@@ -164,7 +164,7 @@
- /* set the TOS bit for either ipv4 or ipv6 */
- #ifdef IPTOS_LOWDELAY
- val = IPTOS_LOWDELAY;
--#ifdef IPPROTO_IPV6
-+#ifdef IPV6_TCLASS
- setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, (void*)&val, sizeof(val));
- #endif
- setsockopt(sock, IPPROTO_IP, IP_TOS, (void*)&val, sizeof(val));
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index 5fa50ba..fea96d6 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -4,7 +4,7 @@
#
#############################################################
-DROPBEAR_VERSION = 2011.54
+DROPBEAR_VERSION = 2012.55
DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
DROPBEAR_TARGET_BINS = dbclient dropbearkey dropbearconvert scp ssh
DROPBEAR_MAKE = $(MAKE) MULTI=1 SCPPROGRESS=1 \