Dropbear 2025.88

Sebastian Gottschall s.gottschall at dd-wrt.com
Wed May 7 21:34:55 AWST 2025

On 07.05.2025 at 14:29, Matt Johnston wrote:
> Hi all,
>
> Dropbear 2025.88 is released. It has a few regression fixes
> from 2025.87, and a security fix applicable to users of
> dbclient where the hostname argument might be set from
> untrusted input.
>
> https://matt.ucc.asn.au/dropbear/
> https://dropbear.nl/mirror/
>
> Cheers,
> Matt
>
> 2025.88 - 7 May 2025
>
> - Security: Don't allow dbclient hostname arguments to be interpreted
>    by the shell.
>
>    dbclient hostname arguments with a comma (for multihop) would be
>    passed to the shell which could result in running arbitrary shell
>    commands locally. That could be a security issue in situations
>    where dbclient is passed untrusted hostname arguments.
>
>    Now the multihop command is executed directly, no shell is involved.
>    Thanks to Marcin Nowak for the report, tracked as CVE-2025-47203
>
> - Fix compatibility for htole64 and htole32, regression in 2025.87
>    Patch from Peter Fichtner to work with old GCC versions, and
>    patch from Matt Robinson to check different header files.
>
> - Fix building on older compilers or libc that don't support
>    static_assert(). Regression in 2025.87
>
> - Support ~R in the client to force a key re-exchange.
>
> - Improve strict KEX handling. Dropbear previously would allow other
>    packets at the end of key exchange prior to receiving the remote
>    peer's NEWKEYS message, which should be forbidden by strict KEX.
>    Reported by Fabian Bäumer.
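The following is an added illustration of the pattern behind CVE-2025-47203 as described above; it is not Dropbear's code and does not reproduce dbclient's internals. It assumes a simplified multihop syntax ("hop1,hop2,target", split on commas) and a hypothetical proxy command of the form "dbclient -B <hop>:22", and it substitutes the stock `true`/`echo` binaries for dbclient so the safe path can actually be run. The contrast is the one the release note draws: the vulnerable form pastes the hostname into a string handed to the shell, while the fixed form places it in its own argv slot and execs the program directly.

```c
/*
 * Added example (not Dropbear's code): shell string vs. argv for a
 * multihop hostname argument such as "user@bastion,user@target".
 * The comma splitting and the "dbclient -B <hop>:22" proxy command are
 * simplified assumptions for illustration only.
 */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

#define MAX_HOPS 8

/* Split "hop1,hop2,target" on commas. A writable copy of hostarg is placed
 * in scratch and hops[] points into it (empty fields are skipped, as with
 * strtok_r). Returns the hop count, or -1 on empty input / too many hops. */
int split_hops(const char *hostarg, char *scratch, size_t scratch_len,
               char *hops[], int max_hops)
{
    size_t n = strlen(hostarg);
    if (n == 0 || n + 1 > scratch_len) return -1;
    memcpy(scratch, hostarg, n + 1);
    int count = 0;
    char *save = NULL;
    for (char *tok = strtok_r(scratch, ",", &save); tok != NULL;
         tok = strtok_r(NULL, ",", &save)) {
        if (count == max_hops) return -1;
        hops[count++] = tok;
    }
    return count;
}

/* VULNERABLE pattern: build one command line meant for "/bin/sh -c".
 * The hop text is pasted in verbatim, so any shell metacharacter in it
 * (';', '|', '$(...)', backticks, ...) is interpreted by the shell and
 * an attacker-controlled hostname becomes local command execution. */
int vulnerable_proxy_command(const char *hop, char *out, size_t out_len)
{
    int n = snprintf(out, out_len, "dbclient -B %s:22", hop);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* FIXED pattern: build an argv and exec it directly. Each element is
 * exactly one argument regardless of its bytes; no shell ever parses it.
 * (The ":22" port suffix is omitted here to keep the argv construction
 * allocation-free.) Returns argc, or -1 if argv_len is too small. */
int safe_proxy_argv(char *prog, char *hop, char *argv[], int argv_len)
{
    if (argv_len < 4) return -1;
    argv[0] = prog;
    argv[1] = "-B";
    argv[2] = hop;
    argv[3] = NULL;
    return 3;
}

/* Run argv[] with fork + execvp, never via a shell. Returns the child's
 * exit status, 127 if the program could not be executed, -1 on failure. */
int run_argv_no_shell(char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Conservative oracle for bytes a POSIX shell treats specially. Useful in
 * tests or as defence in depth where a shell truly cannot be avoided; it
 * is not a substitute for the argv fix above. Returns 1 or 0. */
int has_shell_metachar(const char *s)
{
    return strpbrk(s, ";|&$`<>()\\\"' \t\n*?[]{}~#!") != NULL;
}

int main(void)
{
    /* Constructed attacker-controlled hostname argument. */
    const char *hostarg = "user@bastion;touch /tmp/pwned,user@target";
    char scratch[256];
    char *hops[MAX_HOPS];
    int n = split_hops(hostarg, scratch, sizeof scratch, hops, MAX_HOPS);
    printf("%d hops; first hop = \"%s\"\n", n, hops[0]);

    char cmd[512];
    vulnerable_proxy_command(hops[0], cmd, sizeof cmd);
    printf("shell would run: %s   (two commands, not one)\n", cmd);

    /* echo stands in for dbclient: the hop arrives as one literal argument. */
    char *argv[8];
    safe_proxy_argv("echo", hops[0], argv, 8);
    return run_argv_no_shell(argv) == 0 ? 0 : 1;
}
```

Running it prints the hop with its embedded ";touch /tmp/pwned" as a single echoed argument, whereas the same bytes in the `/bin/sh -c` string would split into two commands. The `has_shell_metachar` oracle is there to make the test explicit about which input crosses the boundary; the real fix is removing the shell, not filtering the input.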
>