diff options
author | Christian Breunig <christian@breunig.cc> | 2024-04-01 16:07:03 +0200 |
---|---|---|
committer | Christian Breunig <christian@breunig.cc> | 2024-04-01 16:07:06 +0200 |
commit | b17befe2e4e914f3f604bcfa1843f75519d46a4d (patch) | |
tree | 99a1bda13cb0fa45c0ec4a2a5cb885208dcac91c /packages | |
parent | adab6badd7b1a41bae55d8ae3fa58d213f5ce13d (diff) | |
download | vyos-build-b17befe2e4e914f3f604bcfa1843f75519d46a4d.tar.gz vyos-build-b17befe2e4e914f3f604bcfa1843f75519d46a4d.zip |
dropbear: T6195: package upgrade 2022.83-1+deb12u1
Fix CVE-2023-48795: (terrapin attack)
The SSH transport protocol with certain OpenSSH extensions allows remote
attackers to bypass integrity checks such that some packets are omitted (from
the extension negotiation message), and a client and server may consequently
end up with a connection for which some security features have been downgraded
or disabled, aka a Terrapin attack.
Diffstat (limited to 'packages')
-rw-r--r-- | packages/dropbear/Jenkinsfile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/packages/dropbear/Jenkinsfile b/packages/dropbear/Jenkinsfile index a15793d1..539d7578 100644 --- a/packages/dropbear/Jenkinsfile +++ b/packages/dropbear/Jenkinsfile @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 VyOS maintainers and contributors +// Copyright (C) 2022-2024 VyOS maintainers and contributors // // This program is free software; you can redistribute it and/or modify // in order to easy exprort images built to "external" world @@ -21,7 +21,7 @@ def pkgList = [ ['name': 'dropbear', - 'scmCommit': 'debian/2022.83-1', + 'scmCommit': 'debian/2022.83-1+deb12u1', 'scmUrl': 'https://salsa.debian.org/debian/dropbear.git', 'buildCmd': 'sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"; cd ..; ./build.sh'], ] |