diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 46 | ||||
| -rw-r--r-- | debian/control | 10 | ||||
| -rw-r--r-- | debian/dropbear.README.Debian | 11 | ||||
| -rw-r--r-- | debian/dropbear.init | 3 | ||||
| -rw-r--r-- | debian/implicit | 10 |
5 files changed, 72 insertions, 8 deletions
diff --git a/debian/changelog b/debian/changelog index 7ac611a..7152341 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,50 @@ -dropbear (0.46-0.1) unstable; urgency=medium +dropbear (0.48.1-1) unstable; urgency=medium + + * new upstream point release. + * Compile fix for scp + * debian/diff/dbclient.1.diff: new: document -R option to dbclient + accurately (thx Markus Schaber; closes: #351882). + * debian/dropbear.README.Debian: document a workaround for systems with + possibly blocking /dev/random device (closes: #355414).. + + -- Gerrit Pape <pape@smarden.org> Sun, 16 Apr 2006 16:16:40 +0000 + +dropbear (0.48-1) unstable; urgency=medium + + * New upstream release. + * SECURITY: Improve handling of denial of service attempts from a single + IP. + + * debian/implicit: update to revision 1.11. + * new upstream release updates to scp from OpenSSH 4.3p2 - fixes a + security issue where use of system() could cause users to execute + arbitrary code through malformed filenames; CVE-2006-0225 (see also + #349645); the scp binary is not provided by this package though. + + -- Gerrit Pape <pape@smarden.org> Fri, 10 Mar 2006 22:00:32 +0000 + +dropbear (0.47-1) unstable; urgency=high + + * New upstream release. + * SECURITY: Fix incorrect buffer sizing; CVE-2005-4178. + + -- Matt Johnston <matt@ucc.asn.au> Thu, 8 Dec 2005 19:20:21 +0800 + +dropbear (0.46-2) unstable; urgency=low + + * debian/control: Standards-Version: 3.6.2.1; update descriptions to + mention included server and client (thx Tino Keitel). + * debian/dropbear.init: allow '/etc/init.d/dropbear stop' even though + 'NO_START is not set to zero.' (closes: #336723). + + -- Gerrit Pape <pape@smarden.org> Tue, 6 Dec 2005 13:30:49 +0000 + +dropbear (0.46-1) unstable; urgency=medium * New upstream release, various fixes. + * debian/diff/dbclient-usage-typo.diff, debian/diff/manpages.diff: remove; + obsolete. + * debian/dbclient.1: move to ./dbclient.1. -- Matt Johnston <matt@ucc.asn.au> Fri, 8 July 2005 21:32:55 +0800 diff --git a/debian/control b/debian/control index 33c717c..81835b3 100644 --- a/debian/control +++ b/debian/control @@ -3,16 +3,16 @@ Section: net Priority: optional Maintainer: Gerrit Pape <pape@smarden.org> Build-Depends: libz-dev -Standards-Version: 3.6.1.0 +Standards-Version: 3.6.2.1 Package: dropbear Architecture: any Depends: ${shlibs:Depends} Suggests: ssh, runit -Description: lightweight SSH2 server - dropbear is a SSH 2 server designed to be small enough to be used in small - memory environments, while still being functional and secure enough for - general use. +Description: lightweight SSH2 server and client + dropbear is a SSH 2 server and client designed to be small enough to + be used in small memory environments, while still being functional and + secure enough for general use. . It implements most required features of the SSH 2 protocol, and other features such as X11 and authentication agent forwarding. diff --git a/debian/dropbear.README.Debian b/debian/dropbear.README.Debian index 8cdac38..7eec3e6 100644 --- a/debian/dropbear.README.Debian +++ b/debian/dropbear.README.Debian @@ -39,3 +39,14 @@ by following these steps: See the Dropbear homepage for more information: http://matt.ucc.asn.au/dropbear/dropbear.html + +Entropy from /dev/random +------------------------ + +The dropbear binary package is configured at compile time to read +entropy from /dev/random. If /dev/random on a system blocks when +reading data from it, client logins may be delayed until the client +times out. The dropbear server writes a notice to the logs when it +sees /dev/random blocking. A workaround for such systems is to +re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom +in options.h. diff --git a/debian/dropbear.init b/debian/dropbear.init index d31a231..7979c8d 100644 --- a/debian/dropbear.init +++ b/debian/dropbear.init @@ -16,7 +16,6 @@ set -e cancel() { echo "$1" >&2; exit 0; }; test ! -r /etc/default/dropbear || . /etc/default/dropbear -test "$NO_START" = "0" || cancel 'NO_START is not set to zero.' test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable." test ! -h /var/service/dropbear || \ cancel '/var/service/dropbear exists, service is controlled through runit.' @@ -30,6 +29,7 @@ test -n "$DROPBEAR_DSSKEY" || \ case "$1" in start) + test "$NO_START" = "0" || cancel 'NO_START is not set to zero.' echo -n "Starting $DESC: " start-stop-daemon --start --quiet --pidfile /var/run/"$NAME".pid \ --exec "$DAEMON" -- -d "$DROPBEAR_DSSKEY" -r "$DROPBEAR_RSAKEY" \ @@ -42,6 +42,7 @@ case "$1" in echo "$NAME." ;; restart|force-reload) + test "$NO_START" = "0" || cancel 'NO_START is not set to zero.' echo -n "Restarting $DESC: " start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/"$NAME".pid sleep 1 diff --git a/debian/implicit b/debian/implicit index 57a444a..7a7ee98 100644 --- a/debian/implicit +++ b/debian/implicit @@ -1,4 +1,4 @@ -# $Id: implicit,v 1.10 2004/07/03 15:20:00 pape Exp $ +# $Id: implicit,v 1.11 2005/11/29 21:57:55 pape Exp $ .PHONY: deb-checkdir deb-checkuid @@ -38,6 +38,14 @@ deb-checkuid: @gzip -9 debian/$*/usr/share/doc/$*/changelog* %.deb-docs-docs: @for i in `cat debian/$*.docs 2>/dev/null || :`; do \ + if test -d $$i; then \ + sh -cx "install -d -m0755 debian/$*/usr/share/doc/$*/$${i##*/}" && \ + for j in $$i/*; do \ + sh -cx "install -m0644 $$j \ + debian/$*/usr/share/doc/$*/$${i##*/}/" || exit 1; \ + done || exit 1; \ + continue; \ + fi; \ sh -cx "install -m0644 $$i debian/$*/usr/share/doc/$*/" || exit 1; \ done @test ! -r debian/$*.README.Debian || \ |