Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-08 09:02:41 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-08 08:51:12 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Richard Hansen
Revision Date: 2015-02-04 16:11:03 UTC

Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)

Author: Mattia Rizzolo
Revision Date: 2014-08-12 11:04:21 UTC

* Merge from Debian unstable. (LP: #1355670) Remaining changes:
  + debian/initramfs/premount-devpts, debian/rules: drop the script, this is
    handled by initramfs-tools.
  + debian/initramfs/dropbear-hook: do not install dropbear in the initramfs
    if there's no uncommented line in /etc/crypttab.
  + debian/initramfs/premout-dropbear: fix so that the network configuration
    happens before dropbear takes hold of the network card.

Author: Margarita Manterola
Revision Date: 2014-02-19 16:26:26 UTC

* Fix initramfs hooks so that the network configuration happens before
  dropbear takes hold of the network card. (LP: #363958)
* Drop premount-devpts script, this is handled by initramfs-tools.
  (LP: #1070992)
* Do not install dropbear in the initramfs if there's no uncommented line in
  /etc/crypttab.

Author: Luke Yelavich
Revision Date: 2012-11-14 11:47:41 UTC

* Merge from Debian unstable. Remaining changes: (LP: #834174)
  - Update config.guess,sub for aarch634
  - If /dev/pts is already mounted, don't re-mount.

Author: Luke Yelavich
Revision Date: 2012-11-14 11:47:41 UTC

* Merge from Debian unstable. Remaining changes: (LP: #834174)
  - Update config.guess,sub for aarch634
  - If /dev/pts is already mounted, don't re-mount.

Author: Luke Yelavich
Revision Date: 2012-11-14 11:47:41 UTC

* Merge from Debian unstable. Remaining changes: (LP: #834174)
  - Update config.guess,sub for aarch634
  - If /dev/pts is already mounted, don't re-mount.

Author: Wookey
Revision Date: 2012-10-01 12:56:40 UTC

Update config.guess,sub for aarch64

Author: Chris J Arges
Revision Date: 2012-06-08 15:30:28 UTC

If /dev/pts is already mounted, don't re-mount. (LP: #933903)

Author: Chris J Arges
Revision Date: 2012-06-08 15:30:28 UTC

If /dev/pts is already mounted, don't re-mount. (LP: #933903)

Author: Julian Taylor
Revision Date: 2012-04-24 22:54:41 UTC

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0004-Fix-use-after-free-bug-CVE-2012-0920.diff
    pulled from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Matt Johnston
  - CVE-2012-0920

Author: Julian Taylor
Revision Date: 2012-04-24 22:54:41 UTC

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0003-Fix-use-after-free-bug-CVE-2012-0920.diff
    backported from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Gerrit Pape
  - CVE-2012-0920

Author: Julian Taylor
Revision Date: 2012-04-24 22:54:41 UTC

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0005-Fix-use-after-free-bug-CVE-2012-0920.diff
    pulled from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Matt Johnston
  - CVE-2012-0920

Author: Julian Taylor
Revision Date: 2012-04-24 22:54:41 UTC

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0005-Fix-use-after-free-bug-CVE-2012-0920.diff
    pulled from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Matt Johnston
  - CVE-2012-0920

Author: Jamie Strandboge
Revision Date: 2012-04-26 06:43:53 UTC

fake sync from Debian

Author: Jamie Strandboge
Revision Date: 2012-04-26 06:43:53 UTC

fake sync from Debian

Author: Julian Taylor
Revision Date: 2012-04-24 22:54:41 UTC

* SECURITY UPDATE: remote execution via use after free (LP: #976360)
  - debian/diff/0003-Fix-use-after-free-bug-CVE-2012-0920.diff
    backported from https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749
    Thanks to Gerrit Pape
  - CVE-2012-0920

Author: Gerrit Pape
Revision Date: 2011-11-16 12:36:03 UTC

[ Matt Johnston ]
* new upstream release.
  * Added ALLOW_BLANK_PASSWORD option. Dropbear also now allows public
    key logins to accounts with a blank password. Thanks to Rob
    Landley (closes: #555889).
  * Bind to sockets with IPV6_V6ONLY so that it works properly on
    systems regardless of the system-wide setting (closes: #636696).

[ Gerrit Pape ]
* debian/control: Standards-Version: 3.9.2.0.

Author: Angel Abad
Revision Date: 2011-06-27 21:08:33 UTC

* debian/diff/0004-fix-ftbfs-with-binutils-gold.diff:
  - Add -lcrypt to fix ftbfs with binutils gold (Closes: #631858).

Author: Gerrit Pape
Revision Date: 2010-04-18 23:04:36 UTC

[ debian@x.ray.net ]
* debian/dropbear.postinst: initramfs-tools uses a conf-hooks.d/
  directory for mkinitramfs ('compiletime') configuration, so to be
  sure to read the whole/correct config we need to source the files
  in there too, additionally to initramfs.conf (closes: #575504).
* debian/initramfs/dropbear-conf: set UMASK=0077 (closes: #578117).

[ Gerrit Pape ]
* debian/control: Standards-Version: 3.8.4.0.

Author: Gerrit Pape
Revision Date: 2010-04-18 23:04:36 UTC

[ debian@x.ray.net ]
* debian/dropbear.postinst: initramfs-tools uses a conf-hooks.d/
  directory for mkinitramfs ('compiletime') configuration, so to be
  sure to read the whole/correct config we need to source the files
  in there too, additionally to initramfs.conf (closes: #575504).
* debian/initramfs/dropbear-conf: set UMASK=0077 (closes: #578117).

[ Gerrit Pape ]
* debian/control: Standards-Version: 3.8.4.0.

Author: Gerrit Pape
Revision Date: 2009-10-06 01:51:42 UTC

debian/initramfs/dropbear-hook: allow more than one public key in
initramfs (thx Chris for the patch; closes: #548309).

Author: Gerrit Pape
Revision Date: 2008-11-19 20:58:59 UTC

[ Matt Johnston ]
* New upstream release.
  * dbclient.1: mention optional 'command' argument (closes: #495823).

[ Gerrit Pape ]
* debian/diff/0001-dbclient.1-dbclient-uses-compression-if...diff:
  new; dbclient.1: dbclient uses compression if compiled with zlib
  support (thx Luca Capello, closes: #495825).
* debian/initramfs/*: new; cryptroot remote unlocking on boot feature
  (thx debian@x.ray.net).
* debian/rules: install debian/initramfs/* (thx debian@x.ray.net).
* debian/control: Suggests: udev (for cryptroot support, thx
  debian@x.ray.net).
* debian/dropbear.postinst: conditionally run update-initramfs -u
  (for cryptroot support, thx debian@x.ray.net. closes: #465903).
* debian/diff/0002-dropbearkey.8-mention-y-option-add-example.diff:
  new; mention -y option, add example (thx debian@x.ray.net).

Author: Gerrit Pape
Revision Date: 2008-03-27 20:08:06 UTC

[ Matt Johnston ]
* New upstream release.
  - Wait until a process exits before the server closes a connection,
    so that an exit code can be sent. This fixes problems with exit
    codes not being returned, which could cause scp to fail (closes:
    #448397, #472483).

[ Gerrit Pape ]
* debian/dropbear.postinst: don't print an error message if the
  update-service program is not installed (thx Matt).

Author: Gerrit Pape
Revision Date: 2007-09-24 16:49:17 UTC

debian/dropbear.README.Debian: no longer talk about entropy from
/dev/random, /dev/urandom is now used by default (thx Joey Hess,
closes: #441515).

Author: Gerrit Pape
Revision Date: 2007-06-09 08:59:59 UTC

* debian/rules: apply diffs from debian/diff/ with patch -p1 instead of
  -p0.
* debian/diff/0001-options.h-use-dev-urandom-instead-of-dev-random-a.diff:
  new; options.h: use /dev/urandom instead of /dev/random as
  DROPBEAR_RANDOM_DEV (closes: #386976).
* debian/rules: target clean: remove libtomcrypt/Makefile,
  libtommath/Makefile.

Author: Gerrit Pape
Revision Date: 2007-03-02 20:48:18 UTC

* new upstream release, fixes
  * CVE-2007-1099: dropbear dbclient insufficient warning on hostkey
    mismatch (closes: #412899).
  * dbclient uses static "Password:" prompt instead of using the server's
    prompt (closes: #394996).
* debian/control: Suggests: openssh-client, not ssh (closes: #405686);
  Standards-Version: 3.7.2.2.
* debian/README.Debian: ssh -> openssh-server, openssh-client; remove
  'Replacing OpenSSH "sshd" with Dropbear' part, this is simply done by not
  installing the openssh-server package.
* debian/README.runit: runsvstat -> sv status.

Author: Gerrit Pape
Revision Date: 2006-04-16 16:16:40 UTC

* new upstream point release.
  * Compile fix for scp
* debian/diff/dbclient.1.diff: new: document -R option to dbclient
  accurately (thx Markus Schaber; closes: #351882).
* debian/dropbear.README.Debian: document a workaround for systems with
  possibly blocking /dev/random device (closes: #355414)..

Author: Gerrit Pape
Revision Date: 2006-04-16 16:16:40 UTC

* new upstream point release.
  * Compile fix for scp
* debian/diff/dbclient.1.diff: new: document -R option to dbclient
  accurately (thx Markus Schaber; closes: #351882).
* debian/dropbear.README.Debian: document a workaround for systems with
  possibly blocking /dev/random device (closes: #355414)..

Author: Daniel T Chen
Revision Date: 2005-12-21 01:46:34 UTC

* SECURITY:
  - svr-chansession.c:addchildpid(): Fix incorrect expression
    evaluation order that results in a buffer overflow, leading to
    arbitrary code execution. Patch adapted from:
    http://security.debian.org/pool/updates/main/d/dropbear/dropbear_0.45-2sarge0.diff.gz
* Reference: CVE-2005-4178

Author: Gerrit Pape
Revision Date: 2005-05-25 22:38:17 UTC

* debian/dropbear.init: init script prints human readable message in case
  it's disabled (closes: #309099).
* debian/dropbear.postinst: configure: restart service through init script
  instead of start.
* debian/dropbear.prerm: set -u -> set -e.

Author: Daniel T Chen
Revision Date: 2005-12-21 02:10:00 UTC

* SECURITY:
  - chansession.c:addchildpid(): Fix incorrect expression evaluation
    order that results in a buffer overflow, leading to arbitrary
    code execution. Patch adapted from:
    http://security.debian.org/pool/updates/main/d/dropbear/dropbear_0.45-2sarge0.diff.gz
    + Reference: CVE-2005-4178
  - dss.c:buf_dss_verify(), rsa.c:buf_rsa_verify(): Don't attempt to
    free uninitialised buffers. Patch adapted from diff between
    upstream versions 0.42 and 0.43.
    + Reference:
      http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2004q3/000065.html

Author: Matt Johnston
Revision Date: 2004-06-16 12:44:54 UTC

* New upstream release 0.42.
* debian/diff/cvs-20040520.diff: remove; obsolete.
* debian/rules: disable target patch.

Author: Gerrit Pape
Revision Date: 2009-06-28 23:22:39 UTC

* debian/initramfs/premount-dropbear: run configure_networking in the
  background (thx debian@x.ray.net, closes: #514213, #524728).
* debian/control: Standards-Version: 3.8.2.0.