[Nix-commits] [NixOS/nixpkgs] 7c84bd: dropbear: 2016.73 -> 2016.74

[Tobias Geerinckx-Rice]

  Branch: refs/heads/master
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 7c84bd121a1b6c38092d4f98f29cdadba050b4db
      
https://github.com/NixOS/nixpkgs/commit/7c84bd121a1b6c38092d4f98f29cdadba050b4db
  Author: Tobias Geerinckx-Rice <m...@tobias.gr>
  Date:   2016-07-23 (Sat, 23 Jul 2016)

  Changed paths:
    M pkgs/tools/networking/dropbear/default.nix

  Log Message:
  -----------
  dropbear: 2016.73 -> 2016.74

Security fixes:
- Message printout was vulnerable to format string injection
- dropbearconvert import of OpenSSH keys could run arbitrary code
  as the local dropbearconvert user when parsing malicious key
  files
- dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided
- dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

Fixes:
- Fix port forwarding failure when connecting to domains that have
  both IPv4 and IPv6 addresses. The bug was introduced in 2015.68
- Fix 100% CPU use while waiting for rekey to complete



_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits