Age | Commit message (Collapse) | Author |
|
|
|
Fix CVE-2023-48795: (terrapin attack)
The SSH transport protocol with certain OpenSSH extensions allows remote
attackers to bypass integrity checks such that some packets are omitted (from
the extension negotiation message), and a client and server may consequently
end up with a connection for which some security features have been downgraded
or disabled, aka a Terrapin attack.
|
|
|
|
|
|
|
|
|
|
Individual packages like dropbear, frr, iproute2 ... all came with a copy of
gitignore rules already present in the base file.
Those rules have been dropped.
|
|
Dropbear version shipped in Debian does not have PAM support enabled. For the
VyOS console server it would be nice to have the possibility to use RADIUS
authentication.
|