Dropbear 2025.88
Matt Johnston
matt at ucc.asn.au
Wed May 7 22:50:39 AWST 2025
Sorry, permissions should be fixed now.
Matt
On 7 May 2025 9:34:55 pm AWST, Sebastian Gottschall <s.gottschall at dd-wrt.com> wrote:
>
> Forbidden
>
> You don't have permission to access this resource.
>
> On 07.05.2025 at 14:29, Matt Johnston wrote:
>> Hi all,
>>
>> Dropbear 2025.88 is released. It has a few regression fixes
>> from 2025.87, and a security fix applicable to users of
>> dbclient where the hostname argument might be set from
>> untrusted input.
>>
>> https://matt.ucc.asn.au/dropbear/
>> https://dropbear.nl/mirror/
>>
>> Cheers,
>> Matt
>>
>> 2025.88 - 7 May 2025
>>
>> - Security: Don't allow dbclient hostname arguments to be interpreted
>> by the shell.
>>
>> dbclient hostname arguments with a comma (for multihop) would be
>> passed to the shell which could result in running arbitrary shell
>> commands locally. That could be a security issue in situations
>> where dbclient is passed untrusted hostname arguments.
>>
>> Now the multihop command is executed directly, no shell is
>> involved.
>> Thanks to Marcin Nowak for the report, tracked as CVE-2025-47203.
>>
>> - Fix compatibility for htole64 and htole32, regression in 2025.87
>> Patch from Peter Fichtner to work with old GCC versions, and
>> patch from Matt Robinson to check different header files.
>>
>> - Fix building on older compilers or libc that don't support
>> static_assert(). Regression in 2025.87
>>
>> - Support ~R in the client to force a key re-exchange.
>>
>> - Improve strict KEX handling. Dropbear previously would allow other
>> packets at the end of key exchange prior to receiving the remote
>> peer's NEWKEYS message, which should be forbidden by strict KEX.
>> Reported by Fabian Bäumer.
>>