projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f0f680d) | patch
dropbear: add upstream security fix for CVE-2018-15599
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 26 Aug 2018 21:40:37 +0000 (23:40 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 27 Aug 2018 07:30:45 +0000 (09:30 +0200)
commit4a3b0ba38fde05e8f8c3512d516d86803efa44c0
tree4707baa931d29e7ee57c9a9478bd366a8bce0d3atree
parentf0f680d6736aa69ea11ecd7d0a0577fb14bc6d22commit | diff
dropbear: add upstream security fix for CVE-2018-15599

dropbear is affected by an user enumeration vulnerability similar to the
recent issue in openssh (CVE-2018-15473).  Add an upstream patch fixing the
issue.

For more details, see the discussion on the mailing list:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002110.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/dropbear/0002-Wait-to-fail-invalid-usernames.patch [new file with mode: 0644] blob