Mercurial > dropbear

changeset 1147:809feaa9408f DROPBEAR_2015.68

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
changelog and version 2015.68
author Matt Johnston <matt@ucc.asn.au>
date Sat, 08 Aug 2015 20:35:28 +0800
parents 3c8403f4669d
children a687f835236c
files CHANGES debian/changelog sysoptions.h
diffstat 3 files changed, 30 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/CHANGES	Fri Aug 07 23:07:16 2015 +0800
+++ b/CHANGES	Sat Aug 08 20:35:28 2015 +0800
@@ -1,23 +1,31 @@
-- Improve efficiency of writing data to local program/pipes, measured 30% increase
+2015.68 - Saturday 8 August 2015
+
+- Reduce local data copying for improved efficiency. Measured 30%
   increase in throughput for connections to localhost
 
-- Use TCP Fast Open on Linux if available. saves a round trip at connection
+- Forwarded TCP ports connect asynchronously and try all available addresses
+  (IPv4, IPv6, round robin DNS)
+
+- Fix all compile warnings, many patches from Gaël Portay
+  Note that configure with -Werror may not be successful on some platforms (OS X)
+  and some configuration options may still result in unused variable
+  warnings.
+
+- Use TCP Fast Open on Linux if available. Saves a round trip at connection
   to hosts that have previously been connected. 
   Needs a recent Linux kernel and possibly "sysctl -w net.ipv4.tcp_fastopen=3"
   Client side is disabled by default pending further compatibility testing
   with networks and systems.
 
-- Forwarded TCP ports connect asynchronously and retry with other available
-  addresses (IPv4 versus IPv6, round robin IPs)
+- Increase maximum command length to 9000 bytes
 
 - Free memory before exiting, patch from Thorsten Horstmann. Useful for
   Dropbear ports to embedded systems and for checking memory leaks
-  with valgrind. Only partially implemented for client side.
+  with valgrind. Only partially implemented for dbclient.
+  This is disabled by default, enable with DROPBEAR_CLEANUP in sysoptions.h
 
-- Fix all compile warnings, patch from Gaël Portay
-  (note that configure with -Werror may not be successful on some platforms
-  such as OS X and some configuration options may result in unused variable
-  warnings)
+- DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless
+  there is a leading slash (~ isn't treated specially)
 
 - Fix small ECC memory leaks
 
@@ -29,10 +37,13 @@
 - Fix pre-authentication timeout when waiting for client SSH-2.0 banner, thanks
   to CL Ouyang
 
-- Increase maximum command size to 9000 bytes
+- Fix null pointer crash with restrictions in authorized_keys without a command, patch from
+  Guilhem Moulin
 
-- DROPBEAR_DEFAULT_CLI_AUTHKEY setting now always prepends home directory unless
-  there is a leading slash (~ isn't treated specially)
+- Ensure authentication timeout is handled while reading the initial banner,
+  thanks to CL Ouyang for finding it.
+
+- Fix null pointer crash when handling bad ECC keys. Found by afl-fuzz
 
 2015.67 - Wednesday 28 January 2015
 
--- a/debian/changelog	Fri Aug 07 23:07:16 2015 +0800
+++ b/debian/changelog	Sat Aug 08 20:35:28 2015 +0800
@@ -1,3 +1,9 @@
+dropbear (2015.68-0.1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Matt Johnston <[email protected]>  Sat, 8 Aug 2015 22:52:58 +0800
+
 dropbear (2015.67-0.1) unstable; urgency=low
 
   * New upstream release.
--- a/sysoptions.h	Fri Aug 07 23:07:16 2015 +0800
+++ b/sysoptions.h	Sat Aug 08 20:35:28 2015 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2015.67"
+#define DROPBEAR_VERSION "2015.68"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION