From dfee865168d41a873c119249a312478c9b519979 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Mon, 1 Apr 2024 16:07:03 +0200
Subject: dropbear: T6195: package upgrade 2022.83-1+deb12u1

Fix CVE-2023-48795: (terrapin attack)

The SSH transport protocol with certain OpenSSH extensions allows remote
attackers to bypass integrity checks such that some packets are omitted (from
the extension negotiation message), and a client and server may consequently
end up with a connection for which some security features have been downgraded
or disabled, aka a Terrapin attack.

(cherry picked from commit b17befe2e4e914f3f604bcfa1843f75519d46a4d)
---
 packages/dropbear/Jenkinsfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'packages')

diff --git a/packages/dropbear/Jenkinsfile b/packages/dropbear/Jenkinsfile
index 1b7947cf..2a449082 100644
--- a/packages/dropbear/Jenkinsfile
+++ b/packages/dropbear/Jenkinsfile
@@ -1,4 +1,4 @@
-// Copyright (C) 2022-2023 VyOS maintainers and contributors
+// Copyright (C) 2022-2024 VyOS maintainers and contributors
 //
 // This program is free software; you can redistribute it and/or modify
 // in order to easy exprort images built to "external" world
@@ -21,7 +21,7 @@
 
 def pkgList = [
     ['name': 'dropbear',
-     'scmCommit': 'debian/2022.83-1',
+     'scmCommit': 'debian/2022.83-1+deb12u1',
      'scmUrl': 'https://salsa.debian.org/debian/dropbear.git',
      'buildCmd': 'sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"; cd ..; ./build.sh'],
 ]
-- 
cgit v1.2.3