-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6086-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : dropbear CVE ID : CVE-2025-14282 "Turistu" discovered that incorrect permission handling in the Dropbear SSH server could result in privilege escalation. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed in version 2025.89-1~deb13u1. We recommend that you upgrade your dropbear packages. For the detailed security status of dropbear please refer to its security tracker page at: https://security-tracker.debian.org/tracker/dropbear Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmlFpnsACgkQEMKTtsN8 TjYBHg/+IuHNXqSRfIjVZLriFsmafBcYgurocMbhHYdDGB0EPgz8LbJdx0kRlrTA naJjmpPyxtzVj1buOBuMYWjUy0YTtozvrDVk7/WqtRVCbwUHcGKBMsxHbE9LYfMI om8wHR7yJcgebOlNi6Yo+9Ik+6AQ1LGCEcpJd7hCJQTaW/yeWQjUJZrXdt//OU3r KwMa/0cSNJufFUo7/lMvg4XTIWBcr7EeOaoeBhgF7G0UK1QohKaBfCokbXmUFM1q dR4iWYeoXAjrj8b+nttZEhe5Tr6Ffy7S2OkXzFKMGcESeMG299lDd9zJK+YeE7sy 8Wkyzg08CzVkl26kLBz6XWS6QH4Aa2B3GpwUkXwwvYkBasIc8H+Uz+yzpCF7jlAl iDp2WBj+Ux5AVPw7HPqMKu2+1QwdbVB53dCERdDgt1YPT+hL36UaLdP0seAs//L0 HUBCyc9Al3J3fpKJP5Ro63ioyflclKF3fXhs0uApgNlgPQe4I10T+65QUIBEDLMc yCqX6tE6ICVjcYGZirX0Abj4U5yb4v6vudU6MbTaJ4XNFI0UclXyn7EH1fBF3rrQ pJ4klcdfSYkODYWb4mi9Wi2jfyUNNow+HxjQM0uKIEFz9gGGX8osnh249ftqoeOE bq+HQvomicgEWvfRk7lTpFQ6zH6qjlWbuDPss7h0vDAN0g0x9lE= =URQq -----END PGP SIGNATURE-----
