dropbear - Debian Package Tracker

general

source: dropbear (main)
version: 2022.83-2
maintainer: Guilhem Moulin (DMD)
arch: all any
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2018.76-5+deb10u1
o-o-sec: 2018.76-5+deb10u2
oldstable: 2020.81-3
old-bpo: 2022.83-1~bpo11+1
stable: 2022.83-1
testing: 2022.83-2
unstable: 2022.83-2

versioned links

2018.76-5+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2018.76-5+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.81-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2022.83-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2022.83-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2022.83-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

dropbear
dropbear-bin (1 bugs: 0, 0, 1, 0)
dropbear-initramfs (1 bugs: 0, 1, 0, 0)
dropbear-run (1 bugs: 0, 1, 0, 0)

action needed

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2023-06-21 Last update: 2023-10-07 22:00

2 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 4bcd69f8b64a57c6ac46b8c548ef44ba33774bdd
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Tue Jun 20 00:13:37 2023 +0200

    d/control: Drop dropbear-run binary package.
    
    It has been released with bullseye and bookworm already, and doesn't
    have any reverse dependencies.
    
    Closes: #1038256

commit 7934e2fc0a19922c062aa9b51adf0bdddb29f408
Author: Guilhem Moulin <guilhem@debian.org>
Date:   Sun Jun 11 17:40:48 2023 +0200

    typofix
    
    Gbp-Dch: Ignore

Created: 2023-06-19 Last update: 2023-10-06 20:45

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-36369: (needs triaging) An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-10-21 Last update: 2023-06-20 05:52

debian/patches: 1 patch to forward upstream low

Among the 3 debian patches available in version 2022.83-2 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-06-11 12:12

news

[rss feed]

[2023-06-20] dropbear 2022.83-2 MIGRATED to testing (Debian testing watch)
[2023-06-20] dropbear 2022.83-2 MIGRATED to testing (Debian testing watch)
[2023-06-11] Accepted dropbear 2022.83-2 (source) into unstable (Guilhem Moulin)
[2022-11-19] Accepted dropbear 2022.83-1~bpo11+1 (source) into bullseye-backports (Guilhem Moulin)
[2022-11-18] dropbear 2022.83-1 MIGRATED to testing (Debian testing watch)
[2022-11-14] Accepted dropbear 2022.83-1 (source) into unstable (Guilhem Moulin)
[2022-10-28] Accepted dropbear 2018.76-5+deb10u2 (source) into oldstable (Utkarsh Gupta)
[2022-10-24] Accepted dropbear 2022.82-4.1~bpo11+1 (source amd64 all) into bullseye-backports (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-10-17] dropbear 2022.82-4.1 MIGRATED to testing (Debian testing watch)
[2022-10-15] Accepted dropbear 2022.82-4.1 (source) into unstable (Michael Biebl)
[2022-10-08] dropbear 2022.82-4 MIGRATED to testing (Debian testing watch)
[2022-10-05] Accepted dropbear 2022.82-4 (source) into unstable (Guilhem Moulin)
[2022-08-06] Accepted dropbear 2018.76-5+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Guilhem Moulin)
[2022-04-12] dropbear 2022.82-3 MIGRATED to testing (Debian testing watch)
[2022-04-05] dropbear 2022.82-2 MIGRATED to testing (Debian testing watch)
[2022-04-04] Accepted dropbear 2022.82-3 (source) into unstable (Guilhem Moulin)
[2022-04-03] Accepted dropbear 2022.82-2 (source) into unstable (Guilhem Moulin)
[2022-04-02] Accepted dropbear 2022.82-1 (source) into unstable (Guilhem Moulin)
[2021-12-13] dropbear 2020.81-5 MIGRATED to testing (Debian testing watch)
[2021-12-08] Accepted dropbear 2020.81-5 (source) into unstable (Guilhem Moulin)
[2021-08-29] dropbear 2020.81-4 MIGRATED to testing (Debian testing watch)
[2021-08-19] Accepted dropbear 2020.81-4 (source) into unstable (Guilhem Moulin)
[2021-01-17] dropbear 2020.81-3 MIGRATED to testing (Debian testing watch)
[2021-01-14] Accepted dropbear 2020.81-3 (source) into unstable (Guilhem Moulin)
[2021-01-04] dropbear 2020.81-2 MIGRATED to testing (Debian testing watch)
[2021-01-04] dropbear 2020.81-2 MIGRATED to testing (Debian testing watch)
[2021-01-01] Accepted dropbear 2020.81-2 (source) into unstable (Guilhem Moulin)
[2020-11-04] dropbear 2020.81-1 MIGRATED to testing (Debian testing watch)
[2020-10-29] Accepted dropbear 2020.81-1 (source) into unstable (Guilhem Moulin)
[2020-07-01] dropbear 2020.80-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 6
RC: 0
I&N: 3
M&W: 3
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2022.83-2
19 bugs (2 patches)