lp:debian/jessie/dropbear

Created by Ubuntu Package Importer on 2013-05-06 and last modified on 2014-08-11
Get this branch:
bzr branch lp:debian/jessie/dropbear
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

24. By Gerrit Pape <email address hidden> on 2014-08-11

[ Matt Johnston ]
* New upstream release (closes: #757780).

[ Gerrit Pape ]
* debian/diff/0003-options.h-use-usr-bin-xauth-instead-of...diff:
  remove; applied upstream.
* debian/control: Standards-Version: 3.9.5.0.

23. By Gerrit Pape <email address hidden> on 2014-08-01

[ Matt Johnston ]
* New upstream release (closes: #748826, #756561)..

[ Gerrit Pape ]
* debian/diff/: update.
* debian/initramfs/premount-devpts: apply patch from
  https://launchpadlibrarian.net/107177971/dropbear_lp933903_precise_1.debdiff:
  duplicate mount /dev/pts in initramfs (thx Mario 'BitKoenig' Holbe,
  Guy Roussin, closes: #632656).
* debian/dropbear.postinst: apply patch from Karl O. Pinc: dropbear's
  cryptroot setup does not use the system's host keys (closes:
  #714899).
* debian/initramfs/dropbear-hook: apply patch from Karl O. Pinc:
  There is no warning when the cryptroot host key differs from the
  regular host key (closes: #714900).
* debian/dropbear.postrm: apply patch from Karl O. Pinc: dropbear does
  not remove initramfs host keys on package purge (closes: #714945).
* debian/initramfs/premount-dropbear: apply half of patch from
  Robert.Heinzmann: allow option specification for dropbear in
  /etc/initramfs-tools/initramfs.conf (closes: #614981).
* debian/dropbear.conffiles: add
  /usr/share/initramfs-tools/conf-hooks.d/dropbear (thx Karl O. Pinc,
  closes: #715047).
* debian/rules: apply patch from Matthias Klose: please allow the
  package to cross build (closes: #729845).

22. By Gerrit Pape <email address hidden> on 2013-10-25

[ Matt Johnston ]
* New upstream release.

[ Gerrit Pape ]
* debian/diff/0004-cve-2013-4421.diff, 0005-user-disclosure.diff:
  remove; fixed upstream.
* debian/dropbear.postinst: don't fail if initramfs-tools it not
  installed (closes: #692653).

21. By Michael Gilbert <email address hidden> on 2013-10-16

* Non-maintainer upload by the Security Team.
* Fix cve-2013-4421: memory exhaustion issue (closes: #726019).
* Fix timing delays that may reveal whether a user account is valid
  (closes: #726118).

20. By Jeremy Bobbio on 2012-11-08

* Non-maintainer upload.
* Fix initramfs hook when multiple variant of libc are installed.
  All credits due to Helmut Grohne for the report and the solution.
  (Closes: #682964)

19. By Jeremy Bobbio on 2012-09-25

* Non-maintainer upload.
* Unbreak initramfs hook when upgrading from Squeeze.

18. By Jeremy Bobbio on 2012-09-25

* Non-maintainer upload.
* Adjust initramfs hook to work with multi-arch. Initial patch by
  Michael Stapelberg. (Closes: #630581)

17. By Gerrit Pape <email address hidden> on 2012-02-27

* New upstream release.
  * Fix use-after-free bug that could be triggered if command="..."
    authorized_keys restrictions are used. Could allow arbitrary
    code execution or bypass of the command="..." restriction to an
    authenticated user. This bug affects releases 0.52 onwards.
    Ref CVE-2012-0920 (closes: #661150). Thanks to Danny Fullerton
    of Mantor Organization for reporting the bug.

16. By Gerrit Pape <email address hidden> on 2011-11-16

[ Matt Johnston ]
* new upstream release.
  * Added ALLOW_BLANK_PASSWORD option. Dropbear also now allows public
    key logins to accounts with a blank password. Thanks to Rob
    Landley (closes: #555889).
  * Bind to sockets with IPV6_V6ONLY so that it works properly on
    systems regardless of the system-wide setting (closes: #636696).

[ Gerrit Pape ]
* debian/control: Standards-Version: 3.9.2.0.

15. By Gerrit Pape <email address hidden> on 2011-05-02

[ Matt Johnston ]
* New upstream release.
  * SSH_ORIGINAL_COMMAND environment variable is set by the server
    when an authorized_keys command is specified (closes: #604524).

[ Gerrit Pape ]
* debian/rules: add --enable-bundled-libtom option to ./configure.
* debian/rules: remove -DXAUTH_COMMAND="/usr/bin/X11/xauth -q from
  CFLAGS (workaround ./configure stupidity; closes: #625192).
* debian/diff/0003-options.h-use-usr-bin-xauth-instead-of...diff: new;
  use /usr/bin/xauth instead of /usr/bin/X11/xauth for XAUTH_COMMAND
  (closes: #614355).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:debian/dropbear
This branch contains Public information 
Everyone can see this information.

Subscribers