mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-19 06:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

dropbear: upgrade to 2016.72

Browse Source 
The upgrade addresses CVE-2016-3116:

- Validate X11 forwarding input. Could allow bypass of
  authorized_keys command= restrictions,
  found by github.com/tintinweb.
  Thanks for Damien Miller for a patch. CVE-2016-3116

References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116

(From OE-Core rev: 5ebac39d1d6dcf041e05002c0b8bf18bfb38e6d3)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Sona Sarmadi
2016-09-14 14:34:38 +02:00
committed by Richard Purdie
parent 96fe15caf6
commit 58538b0703
2 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
meta/recipes-core/dropbear/dropbear_2015.71.bb
View File

@@ -1,5 +0,0 @@
require dropbear.inc
SRC_URI[md5sum] = "2ccc0a2f3e37ca221db12c5af6a88137"
SRC_URI[sha256sum] = "376214169c0e187ee9f48ae1a99b3f835016ad5b98ede4bfd1cf581deba783af"

4
meta/recipes-core/dropbear/dropbear_2016.72.bb Normal file
View File

@@ -0,0 +1,4 @@
require dropbear.inc
SRC_URI[md5sum] = "96226b82725a8cbecad9fc738930d1d2"
SRC_URI[sha256sum] = "9323766d3257699fd7d6e7b282c5a65790864ab32fd09ac73ea3d46c9ca2d681"