Mercurial > dropbear
comparison CHANGES @ 1739:13d834efc376 fuzz
merge from main
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 15 Oct 2020 19:55:15 +0800 |
parents | 8b27de2c92ee |
children | 4b984c42372d |
comparison
equal
deleted
inserted
replaced
1562:768ebf737aa0 | 1739:13d834efc376 |
---|---|
1 2020.80 - 26 June 2020 | |
2 | |
3 - Don't block authorized_keys logins with no-X11-forwarding or no-agent-forwarding | |
4 restrictions when X11 or agent forwarding are disabled at compile time. | |
5 This is more of a problem now X11 is disabled by default, reported by Guilhem Moulin | |
6 | |
7 - Reduce binary size by 4kB (x64) when using bundled libtommath | |
8 | |
9 - Define GNU_SOURCE for getrandom() on uclibc, reported by Laurent Bercot and | |
10 Fabrice Fontaine | |
11 | |
12 - Improve checking libtomcrypt version compatibility | |
13 | |
14 - Add some style notes to DEVELOPING.md | |
15 | |
16 2020.79 - 15 June 2020 | |
17 | |
18 - Support ed25519 hostkeys and authorized_keys, many thanks to Vladislav Grishenko. | |
19 This also replaces curve25519 with a TweetNaCl implementation that reduces code size. | |
20 | |
21 - Add chacha20-poly1305 authenticated cipher. This will perform faster than AES | |
22 on many platforms. Thanks to Vladislav Grishenko | |
23 | |
24 - Support using rsa-sha2 signatures. No changes are needed to hostkeys/authorized_keys | |
25 entries, existing RSA keys can be used with the new signature format (signatures | |
26 are ephemeral within a session). Old ssh-rsa signatures will no longer | |
27 be supported by OpenSSH in future so upgrading is recommended. | |
28 | |
29 - Use getrandom() call on Linux to ensure sufficient entropy has been gathered at startup. | |
30 Dropbear now avoids reading from the random source at startup, instead waiting until | |
31 the first connection. It is possible that some platforms were running without enough | |
32 entropy previously, those could potentially block at first boot generating host keys. | |
33 The dropbear "-R" option is one way to avoid that. | |
34 | |
35 - Upgrade libtomcrypt to 1.18.2 and libtommath to 1.2.0, many thanks to Steffen Jaeckel for | |
36 updating Dropbear to use the current API. Dropbear's configure script will check | |
37 for sufficient system library versions, otherwise using the bundled versions. | |
38 | |
39 - CBC ciphers, 3DES, hmac-sha1-96, and x11 forwarding are now disabled by default. | |
40 They can be set in localoptions.h if required. | |
41 Blowfish has been removed. | |
42 | |
43 - Support AES GCM, patch from Vladislav Grishenko. This is disabled by default, | |
44 Dropbear doesn't currently use hardware accelerated AES. | |
45 | |
46 - Added an API for specifying user public keys as an authorized_keys replacement. | |
47 See pubkeyapi.h for details, thanks to Fabrizio Bertocci | |
48 | |
49 - Fix idle detection clashing with keepalives, thanks to jcmathews | |
50 | |
51 - Include IP addresses in more early exit messages making it easier for fail2ban | |
52 processing. Patch from Kevin Darbyshire-Bryant | |
53 | |
54 - scp fix for CVE-2018-20685 where a server could modify name of output files | |
55 | |
56 - SSH_ORIGINAL_COMMAND is set for "dropbear -c" forced command too | |
57 | |
58 - Fix writing key files on systems without hard links, from Matt Robinson | |
59 | |
60 - Compatibility fixes for IRIX from Kazuo Kuroi | |
61 | |
62 - Re-enable printing MOTD by default, was lost moving from options.h. Thanks to zciendor | |
63 | |
64 - Call fsync() is called on parent directory when writing key files to ensure they are flushed | |
65 | |
66 - Fix "make install" for manpages in out-of-tree builds, from Gabor Z. Papp | |
67 | |
68 - Some notes are added in DEVELOPING.md | |
69 | |
70 2019.78 - 27 March 2019 | |
71 | |
72 - Fix dbclient regression in 2019.77. After exiting the terminal would be left | |
73 in a bad state. Reported by Ryan Woodsmall | |
74 | |
75 2019.77 - 23 March 2019 | |
76 | |
77 - Fix server -R option with ECDSA - only advertise one key size which will be accepted. | |
78 Reported by Peter Krefting, 2018.76 regression. | |
79 | |
80 - Fix server regression in 2018.76 where multiple client -R forwards were all forwarded | |
81 to the first destination. Reported by Iddo Samet. | |
82 | |
83 - Make failure delay more consistent to avoid revealing valid usernames, set server password | |
84 limit of 100 characters. Problem reported by usd responsible disclosure team | |
85 | |
86 - Change handling of failed authentication to avoid disclosing valid usernames, | |
87 CVE-2018-15599. | |
88 | |
89 - Fix dbclient to reliably return the exit code from the remote server. | |
90 Reported by W. Mike Petullo | |
91 | |
92 - Fix export of 521-bit ECDSA keys, from Christian Hohnstädt | |
93 | |
94 - Add -o Port=xxx option to work with sshfs, from xcko | |
95 | |
96 - Merged fuzzing code, see FUZZER-NOTES.md | |
97 | |
98 - Add a DROPBEAR_SVR_MULTIUSER=0 compile option to run on | |
99 single-user Linux kernels (CONFIG_MULTIUSER disabled). From Patrick Stewart | |
100 | |
101 - Increase allowed username to 100 characters, reported by W. Mike Petullo | |
102 | |
103 - Update config.sub and config.guess, should now work with RISC-V | |
104 | |
105 - Cygwin compile fix from karel-m | |
106 | |
107 - Don't require GNU sed (accidentally in 2018.76), reported by Samuel Hsu | |
108 | |
109 - Fix for IRIX and writev(), reported by Kazuo Kuroi | |
110 | |
111 - Other fixes and cleanups from François Perrad, Andre McCurdy, Konstantin Demin, | |
112 Michael Jones, Pawel Rapkiewicz | |
113 | |
114 | |
1 2018.76 - 27 February 2018 | 115 2018.76 - 27 February 2018 |
2 | 116 |
3 > > > Configuration/compatibility changes | 117 > > > Configuration/compatibility changes |
4 IMPORTANT | 118 IMPORTANT |
5 Custom configuration is now specified in local_options.h rather than options.h | 119 Custom configuration is now specified in localoptions.h rather than options.h |
6 Available options and defaults can be seen in default_options.h | 120 Available options and defaults can be seen in default_options.h |
7 | 121 |
8 To migrate your configuration, compare your customised options.h against the | 122 To migrate your configuration, compare your customised options.h against the |
9 upstream options.h from your relevant version. Any customised options should | 123 upstream options.h from your relevant version. Any customised options should |
10 be put in localoptions.h | 124 be put in localoptions.h in the build directory. |
11 | 125 |
12 - "configure --enable-static" should now be used instead of "make STATIC=1" | 126 - "configure --enable-static" should now be used instead of "make STATIC=1" |
13 This will avoid 'hardened build' flags that conflict with static binaries | 127 This will avoid 'hardened build' flags that conflict with static binaries |
14 | 128 |
15 - Set 'hardened build' flags by default if supported by the compiler. | 129 - Set 'hardened build' flags by default if supported by the compiler. |
99 - Security: Fix double-free in server TCP listener cleanup | 213 - Security: Fix double-free in server TCP listener cleanup |
100 A double-free in the server could be triggered by an authenticated user if | 214 A double-free in the server could be triggered by an authenticated user if |
101 dropbear is running with -a (Allow connections to forwarded ports from any host) | 215 dropbear is running with -a (Allow connections to forwarded ports from any host) |
102 This could potentially allow arbitrary code execution as root by an authenticated user. | 216 This could potentially allow arbitrary code execution as root by an authenticated user. |
103 Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash. | 217 Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash. |
104 CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c | 218 CVE-2017-9078 https://hg.ucc.asn.au/dropbear/rev/c8114a48837c |
105 | 219 |
106 - Security: Fix information disclosure with ~/.ssh/authorized_keys symlink. | 220 - Security: Fix information disclosure with ~/.ssh/authorized_keys symlink. |
107 Dropbear parsed authorized_keys as root, even if it were a symlink. The fix | 221 Dropbear parsed authorized_keys as root, even if it were a symlink. The fix |
108 is to switch to user permissions when opening authorized_keys | 222 is to switch to user permissions when opening authorized_keys |
109 | 223 |
111 couldn't normally read. If they managed to get that file to contain valid | 225 couldn't normally read. If they managed to get that file to contain valid |
112 authorized_keys with command= options it might be possible to read other | 226 authorized_keys with command= options it might be possible to read other |
113 contents of that file. | 227 contents of that file. |
114 This information disclosure is to an already authenticated user. | 228 This information disclosure is to an already authenticated user. |
115 Thanks to Jann Horn of Google Project Zero for reporting this. | 229 Thanks to Jann Horn of Google Project Zero for reporting this. |
116 CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123 | 230 CVE-2017-9079 https://hg.ucc.asn.au/dropbear/rev/0d889b068123 |
117 | 231 |
118 - Generate hostkeys with dropbearkey atomically and flush to disk with fsync | 232 - Generate hostkeys with dropbearkey atomically and flush to disk with fsync |
119 Thanks to Andrei Gherzan for a patch | 233 Thanks to Andrei Gherzan for a patch |
120 | 234 |
121 - Fix out of tree builds with bundled libtom | 235 - Fix out of tree builds with bundled libtom |
131 | 245 |
132 A dbclient user who can control username or host arguments could potentially | 246 A dbclient user who can control username or host arguments could potentially |
133 run arbitrary code as the dbclient user. This could be a problem if scripts | 247 run arbitrary code as the dbclient user. This could be a problem if scripts |
134 or webpages pass untrusted input to the dbclient program. | 248 or webpages pass untrusted input to the dbclient program. |
135 CVE-2016-7406 | 249 CVE-2016-7406 |
136 https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb | 250 https://hg.ucc.asn.au/dropbear/rev/b66a483f3dcb |
137 | 251 |
138 - Security: dropbearconvert import of OpenSSH keys could run arbitrary code as | 252 - Security: dropbearconvert import of OpenSSH keys could run arbitrary code as |
139 the local dropbearconvert user when parsing malicious key files | 253 the local dropbearconvert user when parsing malicious key files |
140 CVE-2016-7407 | 254 CVE-2016-7407 |
141 https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e | 255 https://hg.ucc.asn.au/dropbear/rev/34e6127ef02e |
142 | 256 |
143 - Security: dbclient could run arbitrary code as the local dbclient user if | 257 - Security: dbclient could run arbitrary code as the local dbclient user if |
144 particular -m or -c arguments are provided. This could be an issue where | 258 particular -m or -c arguments are provided. This could be an issue where |
145 dbclient is used in scripts. | 259 dbclient is used in scripts. |
146 CVE-2016-7408 | 260 CVE-2016-7408 |
147 https://secure.ucc.asn.au/hg/dropbear/rev/eed9376a4ad6 | 261 https://hg.ucc.asn.au/dropbear/rev/eed9376a4ad6 |
148 | 262 |
149 - Security: dbclient or dropbear server could expose process memory to the | 263 - Security: dbclient or dropbear server could expose process memory to the |
150 running user if compiled with DEBUG_TRACE and running with -v | 264 running user if compiled with DEBUG_TRACE and running with -v |
151 CVE-2016-7409 | 265 CVE-2016-7409 |
152 https://secure.ucc.asn.au/hg/dropbear/rev/6a14b1f6dc04 | 266 https://hg.ucc.asn.au/dropbear/rev/6a14b1f6dc04 |
153 | 267 |
154 The security issues were reported by an anonymous researcher working with | 268 The security issues were reported by an anonymous researcher working with |
155 Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html | 269 Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html |
156 | 270 |
157 - Fix port forwarding failure when connecting to domains that have both | 271 - Fix port forwarding failure when connecting to domains that have both |
193 | 307 |
194 2016.72 - 9 March 2016 | 308 2016.72 - 9 March 2016 |
195 | 309 |
196 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, | 310 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, |
197 found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116 | 311 found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116 |
198 https://secure.ucc.asn.au/hg/dropbear/rev/a3e8389e01ff | 312 https://hg.ucc.asn.au/dropbear/rev/a3e8389e01ff |
199 | 313 |
200 2015.71 - 3 December 2015 | 314 2015.71 - 3 December 2015 |
201 | 315 |
202 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69 | 316 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69 |
203 | 317 |
474 Patch from Martin Donnelly | 588 Patch from Martin Donnelly |
475 | 589 |
476 - Limit the size of decompressed payloads, avoids memory exhaustion denial | 590 - Limit the size of decompressed payloads, avoids memory exhaustion denial |
477 of service | 591 of service |
478 Thanks to Logan Lamb for reporting and investigating it. CVE-2013-4421 | 592 Thanks to Logan Lamb for reporting and investigating it. CVE-2013-4421 |
479 https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f | 593 https://hg.ucc.asn.au/dropbear/rev/0bf76f54de6f |
480 | 594 |
481 - Avoid disclosing existence of valid users through inconsistent delays | 595 - Avoid disclosing existence of valid users through inconsistent delays |
482 Thanks to Logan Lamb for reporting. CVE-2013-4434 | 596 Thanks to Logan Lamb for reporting. CVE-2013-4434 |
483 https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a | 597 https://hg.ucc.asn.au/dropbear/rev/d7784616409a |
484 | 598 |
485 - Update config.guess and config.sub for newer architectures | 599 - Update config.guess and config.sub for newer architectures |
486 | 600 |
487 - Avoid segfault in server for locked accounts | 601 - Avoid segfault in server for locked accounts |
488 | 602 |
581 authorized_keys restrictions are used. Could allow arbitrary code execution | 695 authorized_keys restrictions are used. Could allow arbitrary code execution |
582 or bypass of the command="..." restriction to an authenticated user. | 696 or bypass of the command="..." restriction to an authenticated user. |
583 This bug affects releases 0.52 onwards. Ref CVE-2012-0920. | 697 This bug affects releases 0.52 onwards. Ref CVE-2012-0920. |
584 Thanks to Danny Fullerton of Mantor Organization for reporting | 698 Thanks to Danny Fullerton of Mantor Organization for reporting |
585 the bug. | 699 the bug. |
586 https://secure.ucc.asn.au/hg/dropbear/rev/818108bf7749 | 700 https://hg.ucc.asn.au/dropbear/rev/818108bf7749 |
587 | 701 |
588 - Compile fix, only apply IPV6 socket options if they are available in headers | 702 - Compile fix, only apply IPV6 socket options if they are available in headers |
589 Thanks to Gustavo Zacarias for the patch | 703 Thanks to Gustavo Zacarias for the patch |
590 | 704 |
591 - Overwrite session key memory on exit | 705 - Overwrite session key memory on exit |
625 message informing what the port is, thanks to Ali Onur Uyar. | 739 message informing what the port is, thanks to Ali Onur Uyar. |
626 | 740 |
627 - New version numbering scheme. | 741 - New version numbering scheme. |
628 | 742 |
629 Source repository has now migrated to Mercurial at | 743 Source repository has now migrated to Mercurial at |
630 https://secure.ucc.asn.au/hg/dropbear/graph/default | 744 https://hg.ucc.asn.au/dropbear/graph/default |
631 | 745 |
632 0.53.1 - Wednesday 2 March 2011 | 746 0.53.1 - Wednesday 2 March 2011 |
633 | 747 |
634 - -lcrypt needs to be before object files for static linking | 748 - -lcrypt needs to be before object files for static linking |
635 | 749 |