dumalogiya
/
openwrt
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
v19.07.3_mercusys_ac12_duma
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9601d94138'
${ noResults }
openwrt/package/network/services/dropbear/patches
History
Hans Dedecker 2211ee0037 dropbear: backport upstream fix for CVE-2018-15599 
CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
 		6 years ago
..
010-runtime-maxauthtries.patch dropbear: server support option '-T' max auth tries 7 years ago
020-Wait-to-fail-invalid-usernames.patch dropbear: backport upstream fix for CVE-2018-15599 6 years ago
100-pubkey_path.patch dropbear: backport upstream fix for CVE-2018-15599 6 years ago
110-change_user.patch dropbear: bump to 2015.68 9 years ago
120-openwrt_options.patch dropbear: disable MD5 HMAC and switch to sha1 fingerprints 7 years ago
130-ssh_ignore_x_args.patch dropbear: update to 2016.73 8 years ago
140-disable_assert.patch dropbear: update to 2016.73 8 years ago
150-dbconvert_standalone.patch dropbear: bump to 2015.68 9 years ago
160-lto-jobserver.patch dropbear: compile with LTO enabled 6 years ago
600-allow-blank-root-password.patch Disable telnet in favor of passwordless SSH 9 years ago
610-skip-default-keys-in-custom-runs.patch dropbear: server support option '-T' max auth tries 7 years ago