comparison CHANGES @ 1285:309e1c4a8768 DROPBEAR_2016.73

update for 2016.73
author Matt Johnston <matt@ucc.asn.au>
date Fri, 18 Mar 2016 22:44:36 +0800
parents f107cef4be68
children 10f28c95ca31
comparison
equal deleted inserted replaced
1284:5d560c68c70c 1285:309e1c4a8768
1 - Fix crash when fallback initshells() is used, reported by Michael Nowak and Mike Tzou 1 2016.73 - 18 March 2016
2 2
3 - Support syslog in dbclient, option -o usesyslog=yes. Patch from Konstantin Tokarev 3 - Support syslog in dbclient, option -o usesyslog=yes. Patch from Konstantin Tokarev
4 4
5 - Kill a proxycommand when dbclient exits, patch from Konstantin Tokarev 5 - Kill a proxycommand when dbclient exits, patch from Konstantin Tokarev
6 6
7 - Option to exit when a TCP forward fails, patch from Konstantin Tokarev 7 - Option to exit when a TCP forward fails, patch from Konstantin Tokarev
8 8
9 - New "-o" option parsing from Konstantin Tokarev. This allows handling some extra options 9 - New "-o" option parsing from Konstantin Tokarev. This allows handling some extra options
10 in the style of OpenSSH, though implementing all OpenSSH options is not planned. 10 in the style of OpenSSH, though implementing all OpenSSH options is not planned.
11 11
12 - Fix crash when fallback initshells() is used, reported by Michael Nowak and Mike Tzou
13
14 - Allow specifying commands eg "dropbearmulti dbclient ..." instead of symlinks
15
12 - Various cleanups for issues found by a lint tool, patch from Francois Perrad 16 - Various cleanups for issues found by a lint tool, patch from Francois Perrad
13 17
14 - Allow specifying commands eg "dropbearmulti dbclient ..." instead of symlinks
15
16 - Fix tab indent consistency, patch from Francois Perrad 18 - Fix tab indent consistency, patch from Francois Perrad
17 19
18 - Fix issues found by cppcheck, reported by Mike Tzou 20 - Fix issues found by cppcheck, reported by Mike Tzou
21
22 - Use system memset_s() or explicit_bzero() if available to clear memory. Also make
23 libtomcrypt/libtommath routines use that (or Dropbear's own m_burn()).
24
25 - Prevent scp failing when the local user doesn't exist. Based on patch from Michael Witten.
26
27 - Improved Travis CI test running, thanks to Mike Tzou
28
29 - Improve some code that was flagged by Coverity and Fortify Static Code Analyzer
19 30
20 2016.72 - 9 March 2016 31 2016.72 - 9 March 2016
21 32
22 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, 33 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
23 found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116 34 found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116