Commit 086bdfd3 authored by Peter Korsgaard's avatar Peter Korsgaard

dropbear: bump version, fixes CVE-2012-0920



From the release notes:

Security: Fix use-after-free bug that could be triggered if command="..."
authorized_keys restrictions are used.  Could allow arbitrary code
execution or bypass of the command="..." restriction to an authenticated
user.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
parent 3d6ff4f5
+0 −18
Check for IPV6_TCLASS instead of IPPROTO_IPV6 since
it's present on non-IPv6 enabled toolchains too.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---

diff -Nura dropbear-2011.54.orig/dbutil.c dropbear-2011.54/dbutil.c
--- dropbear-2011.54.orig/dbutil.c	2011-11-08 09:48:15.000000000 -0300
+++ dropbear-2011.54/dbutil.c	2011-11-09 12:14:59.430074138 -0300
@@ -164,7 +164,7 @@
 	/* set the TOS bit for either ipv4 or ipv6 */
 #ifdef IPTOS_LOWDELAY
 	val = IPTOS_LOWDELAY;
-#ifdef IPPROTO_IPV6
+#ifdef IPV6_TCLASS
 	setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, (void*)&val, sizeof(val));
 #endif
 	setsockopt(sock, IPPROTO_IP, IP_TOS, (void*)&val, sizeof(val));
+1 −1
@@ -4,7 +4,7 @@
#
#############################################################

DROPBEAR_VERSION = 2011.54
DROPBEAR_VERSION = 2012.55
DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
DROPBEAR_TARGET_BINS = dbclient dropbearkey dropbearconvert scp ssh
DROPBEAR_MAKE =	$(MAKE) MULTI=1 SCPPROGRESS=1 \