[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 634-1] dropbear security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : dropbear
Version        : 2012.55-1.3+deb7u1
CVE IDs        : CVE-2016-7406 CVE-2016-7407

It was discovered that there were two issues in dropbear, a lightweight SSH2
server and client:

 - CVE-2016-7406: Potential issues in exit message formatting.
 - CVE-2016-7407: Overflows when parsing OpenSSH's ASN.1 key format.

For Debian 7 "Wheezy", this issue has been fixed in dropbear version
2012.55-1.3+deb7u1.

We recommend that you upgrade your dropbear packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJX5YHdAAoJEB6VPifUMR5YDN8QAKQRjPC64F3fMrMzL3r0fGjP
ox/21rB3/IoLPexQ4hNRy0Y42z3hZeSGwvmS+aI7Qag9OsRvuAggyeG/hcWx4VBB
8a7DolUYa3Ep/+yY7IWkeu+qdoO5MooB+HRl7gBbd7hVJ+K3cWOIvh3fOkCST+9w
G7RfpJzFFcTzzCbU/te87Q/SIHIPvVMwWJ0+NoRud7FrZoOfyqLVIkDgF+N5xtoA
3vjsz5rXDtj26W16RjOq0PlHeOQub1JT5lyUfNcgxkfy9DK3TTcPKeQEefX42z3Z
atS5LUJRREpwTnjiPwOV0MZw5hSd7qUWkDldF9tOnKlLIPGWEAokhcC7O3rLrjYs
ZkJrSzSjN37S/z08AhqqvKgm6gQUh3NAyQVAZV4QkHgocpsqJQ+XxBrNWiIKgBMf
87OSUsmDSqB3W6dolIbYZGWhKIG5wP4aEUDXUuwqlqL4Elac2sJhH60yCQIL8GDp
m8zGtzq7hts6L2uJkQlPT/CSPQHk8pTXsVMqCW4xV/STufiI0Z8avHR3TmLcJn2S
UOTIqC8dWrDIR6uVhB65ChqtW291NoBW+qZVunRyd9XOJrhOxj7qPGHU3dS2bpDM
dKws5tvlSBX6SxIij68sYQuyu1UjwWDdps8sK7Sgd4LviEqknBMP4fnJweTEV0ZP
5e6GnKiQm2JnQo40brHa
=BKpe
-----END PGP SIGNATURE-----
Reply to: