[ubuntu/cosmic-proposed] dropbear 2018.76-4 (Accepted)
LocutusOfBorg
costamagnagianfranco at yahoo.it
Fri Aug 24 20:59:11 UTC 2018
dropbear (2018.76-4) unstable; urgency=medium
* Backport security fix for CVE-2018-15599: The recv_msg_userauth_request
function in svr-auth.c in Dropbear through 2018.76 is prone to a user
enumeration vulnerability because username validity affects how fields in
SSH_MSG_USERAUTH messages are handled. (Closes: #906890.)
Cherry-picked from https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00 .
* debian/control: Bump Standards-Version to 4.2.0 (no changes necessary).
Date: 2018-08-24 16:29:26.695445+00:00
Signed-By: LocutusOfBorg <costamagnagianfranco at yahoo.it>
https://launchpad.net/ubuntu/+source/dropbear/2018.76-4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list