summaryrefslogtreecommitdiff
path: root/packages
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-04-01 16:07:03 +0200
committerChristian Breunig <christian@breunig.cc>2024-04-01 16:07:06 +0200
commitb17befe2e4e914f3f604bcfa1843f75519d46a4d (patch)
tree99a1bda13cb0fa45c0ec4a2a5cb885208dcac91c /packages
parentadab6badd7b1a41bae55d8ae3fa58d213f5ce13d (diff)
downloadvyos-build-b17befe2e4e914f3f604bcfa1843f75519d46a4d.tar.gz
vyos-build-b17befe2e4e914f3f604bcfa1843f75519d46a4d.zip
dropbear: T6195: package upgrade 2022.83-1+deb12u1
Fix CVE-2023-48795: (terrapin attack) The SSH transport protocol with certain OpenSSH extensions allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
Diffstat (limited to 'packages')
-rw-r--r--packages/dropbear/Jenkinsfile4
1 files changed, 2 insertions, 2 deletions
diff --git a/packages/dropbear/Jenkinsfile b/packages/dropbear/Jenkinsfile
index a15793d1..539d7578 100644
--- a/packages/dropbear/Jenkinsfile
+++ b/packages/dropbear/Jenkinsfile
@@ -1,4 +1,4 @@
-// Copyright (C) 2022-2023 VyOS maintainers and contributors
+// Copyright (C) 2022-2024 VyOS maintainers and contributors
//
// This program is free software; you can redistribute it and/or modify
// in order to easy exprort images built to "external" world
@@ -21,7 +21,7 @@
def pkgList = [
['name': 'dropbear',
- 'scmCommit': 'debian/2022.83-1',
+ 'scmCommit': 'debian/2022.83-1+deb12u1',
'scmUrl': 'https://salsa.debian.org/debian/dropbear.git',
'buildCmd': 'sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"; cd ..; ./build.sh'],
]