git.openwrt.org Git - openwrt/staging/pepe2k.git/commit

author	Konstantin Demin <[email protected]>
	Tue, 9 Jan 2024 00:40:01 +0000 (03:40 +0300)
committer	Hauke Mehrtens <[email protected]>
	Mon, 8 Jul 2024 20:27:11 +0000 (22:27 +0200)
commit	38cea0bea17941b7a392fcdbef4faec2d146a398
tree	07800c14c44b5034eb0862ca1865e831caa255ba	tree \| snapshot
parent	bd9138458922f542ff517430ba30f57f65e9675c	commit \| diff

dropbear: cherry-pick upstream patches

critical fixes:
- libtommath: possible integer overflow (CVE-2023-36328)
- implement Strict KEX mode (CVE-2023-48795)

various fixes:
- fix DROPBEAR_DSS and DROPBEAR_RSA config options
- y2038 issues
- remove SO_LINGER socket option
- make banner reading failure non-fatal
- fix "noremotetcp" behavior
- don't try to shutdown a pty
- fix test for multiuser kernels

adds new features:
- option to bind to interface
- allow inetd with non-syslog
- ignore unsupported command line options with dropbearkey

Signed-off-by: Konstantin Demin <[email protected]>
(cherry picked from commit b5cde260487eae86db1661a53e5e5e0823936aab)
[Only add the patches fixing security problems]
Tested-by: Stijn Segers <[email protected]>
Link: https://github.com/openwrt/openwrt/pull/15899
Signed-off-by: Hauke Mehrtens <[email protected]>

package/network/services/dropbear/patches/015-libtommath-fix-possible-integer-overflow.patch	[new file with mode: 0644]	blob
package/network/services/dropbear/patches/021-Implement-Strict-KEX-mode.patch	[new file with mode: 0644]	blob