Dropbear 2013.59
IT Developer
developer at it-offshore.co.uk
Mon Oct 7 07:16:56 WST 2013
Latest Debian Packages are here:
gpg --keyserver subkeys.pgp.net --recv-keys 92B84A1E
gpg -a --export 92B84A1E | apt-key add -
& add to /etc/apt/sources.list:
deb http://cdn.content-network.net/mirror/apt.balocco.name wheezy main php ssh www
deb-src http://cdn.content-network.net/mirror/apt.balocco.name wheezy main php ssh www
If you use Fail2Ban with Dropbear, instructions to run Fail2Ban as a
non-root user are here:
https://coderwall.com/p/haj28a
My comment on that page to fix the Dropbear filter will only apply to
the official debs - the fix is included in the above packages.
Also change /etc/fail2ban/jail.local logpath & filter settings for dropbear:
[dropbear]
enabled = true
port = 2222
filter = dropbear
logpath = /var/log/auth.log
maxretry = 3
Stuart.
On 10/06/2013 08:49 PM, Catalin Patulea wrote:
> Are there any mirrors of Dropbear releases? OpenWRT used to use
> http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/
> but it seems that mirror is now defunct.
>
> On Fri, Oct 4, 2013 at 10:38 AM, Matt Johnston <matt at ucc.asn.au> wrote:
>> Hi all,
>>
>> Dropbear 2013.59 has been released. It fixes a number of
>> bugs, including two security issues affecting prior
>> releases.
>>
>> - The Dropbear server could be made to consume large amounts
>> of memory because decompressed packet sizes weren't checked.
>> Depending on the OS and hardware this might be a denial of
>> service.
>>
>> - Valid users could be identified due to timing variations.
>>
>> As usual you can download it from
>> https://matt.ucc.asn.au/dropbear/dropbear.html
>>
>>
>> Cheers,
>> Matt
>>
>> 2013.59 - Friday 4 October 2013
>>
>> - Fix crash from -J command
>> Thanks to Lluís Batlle i Rossell and Arnaud Mouiche for patches
>>
>> - Avoid reading too much from /proc/net/rt_cache since that causes
>> system slowness.
>>
>> - Improve EOF handling for half-closed connections
>> Thanks to Catalin Patulea
>>
>> - Send a banner message to report PAM error messages intended for the user
>> Patch from Martin Donnelly
>>
>> - Limit the size of decompressed payloads, avoids memory exhaustion denial
>> of service
>> Thanks to Logan Lamb for reporting and investigating it
>>
>> - Avoid disclosing existence of valid users through inconsistent delays
>> Thanks to Logan Lamb for reporting
>>
>> - Update config.guess and config.sub for newer architectures
>>
>> - Avoid segfault in server for locked accounts
>>
>> - "make install" now installs manpages
>> dropbearkey.8 has been renamed to dropbearkey.1
>> manpage added for dropbearconvert
>>
>> - Get rid of one second delay when running non-interactive commands
>>
>> Releases are signed by PGP key matt at ucc.asn.au 4C647FBC
>> D11E 5F8D 2C38 523F 57F1 2166 8CF9 F8B0 4C64 7FBC
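
The decompressed-size check described in the release notes above, as an added example that is not part of the original thread and is not Dropbear's own code: a receiver that keeps one zlib stream per connection and refuses any packet that inflates past a cap. The 32 KiB cap, the class and function names, and the Z_SYNC_FLUSH framing are assumptions made for this example.

```python
import zlib

# Assumed cap for this example; the announcement does not state Dropbear's limit.
MAX_DECOMPRESSED = 32 * 1024


class PayloadTooLarge(Exception):
    """A packet inflated past the cap; the caller should drop the connection."""


class BoundedInflater:
    """One zlib stream per connection: compression state persists across packets."""

    def __init__(self, limit=MAX_DECOMPRESSED):
        self.limit = limit
        self._z = zlib.decompressobj()

    def inflate_packet(self, compressed):
        # Ask zlib for at most limit+1 bytes. It stops producing output there,
        # so an oversized packet costs limit+1 bytes of memory, not its full size.
        out = self._z.decompress(compressed, self.limit + 1)
        if len(out) > self.limit:
            raise PayloadTooLarge(f"packet inflates past {self.limit} bytes")
        return out


def make_packets(payloads):
    """Constructed sender side: one shared stream, flushed after every packet."""
    z = zlib.compressobj()
    return [z.compress(p) + z.flush(zlib.Z_SYNC_FLUSH) for p in payloads]


def demo():
    # Constructed input: a small command, then 8 MiB of zeros that
    # compresses to a few kilobytes on the wire.
    normal, oversized = make_packets([b"ls -l /etc\n", b"\0" * (8 * 1024 * 1024)])
    inflater = BoundedInflater()
    first = inflater.inflate_packet(normal)
    try:
        inflater.inflate_packet(oversized)
        rejected = False
    except PayloadTooLarge:
        rejected = True
    return first, len(oversized), rejected


if __name__ == "__main__":
    print(demo())
```

Without the `max_length` argument, the second packet would be expanded in full before any size check could run, which is the memory-exhaustion condition the release notes describe.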