CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2025/12/16 09:50:33
Modified files:
security/dropbear: Makefile distinfo
security/dropbear/patches: patch-src_default_options_h
Log message:
update to dropbear-2025.89
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
- Don't limit channel window to 500MB. That could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
and some others
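
The SO_PEERCRED check mentioned in the first security item, as an added example (not part of the commit or of Dropbear's code): the kernel reports the uid of the local process that opened the unix socket, so a service that trusts this value sees the forwarding daemon rather than the remote SSH user. It assumes Linux (`struct ucred`); `peer_cred`, `peer_is_authorized` and `demo_peer_uid` are hypothetical names.

```c
#define _GNU_SOURCE            /* for struct ucred on Linux */
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Read the credentials the kernel recorded for the peer of a unix socket.
 * Returns 0 on success, -1 on failure. */
int peer_cred(int fd, struct ucred *out)
{
    socklen_t len = sizeof(*out);
    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, out, &len) != 0)
        return -1;
    return len == sizeof(*out) ? 0 : -1;
}

/* Hypothetical policy of a local service: accept root or one allowed uid.
 * The uid belongs to the process that opened the socket. If a root-owned
 * forwarder opens it on behalf of a user, this check sees uid 0. */
int peer_is_authorized(int fd, uid_t allowed_uid)
{
    struct ucred c;
    if (peer_cred(fd, &c) != 0)
        return 0;              /* fail closed when credentials are unavailable */
    return c.uid == 0 || c.uid == allowed_uid;
}

/* Open a connected unix socket pair in this process and return the uid the
 * "service" end observes for its peer, or -1 on error. */
long demo_peer_uid(void)
{
    int sv[2];
    struct ucred c;
    long uid = -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    if (peer_cred(sv[0], &c) == 0)
        uid = (long)c.uid;
    close(sv[0]);
    close(sv[1]);
    return uid;
}

int main(void)
{
    printf("service sees peer uid %ld, this process runs as uid %ld\n",
           demo_peer_uid(), (long)geteuid());
    return 0;
}
```

A service that relies on this check can only be as precise as the identity of the process that connects, which is why the forwarder has to open the socket with the authenticated user's privileges.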