File: [cvs.NetBSD.org] / pkgsrc / security / dropbear / Makefile (download)
Revision 1.6, Tue Aug 31 10:27:38 2004 UTC (19 years, 7 months ago) by martti
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3 Changes since 1.5: +2 -2
lines
Updated dropbear to 0.43
- SECURITY: Don't try to free() uninitialised variables in DSS verification
code. Thanks to Arne Bernin for pointing out this bug. This is possibly
exploitable, all users with DSS and pubkey-auth compiled in are advised to
upgrade.
- Clean up agent forwarding socket files correctly, patch from Gerrit Pape.
- Don't go into an infinite loop when portforwarding to servers which don't
send any initial data/banner. Patch from Nikola Vladov
- Fix for network vs. host byte order in logging remote TCP ports, also
from Gerrit Pape.
- Initialise many pointers to NULL, for general safety. Also checked cleanup
code for mp_ints (related to security issues above).
|