Hi Guilhem,
On Sat, 20 May 2017, Guilhem Moulin wrote:
I did check that public key authentication is still working under
2012.55-1.3+deb7u2 (I didn't make any other check though).
thanks a lot for that fix, I just uploaded your new version to
wheezy-security. Later I will also send the DLA ..
On Sat, 20 May 2017 at 21:37:02 +0200, Guilhem Moulin wrote:
> Not sure how to tell the security tracker, though.
Oops, just saw the docs :-P
--
Guilhem.
signature.asc
Description: PGP signature
Hi there,
dropbear 2012.55-1.3+deb7u1 from wheezy-security is vulnerable to
CVE-2017-9079. I backported the fix from 2017.75 to sid and
jessie-security, and here is a debdiff against 2012.55-1.3+deb7u1.
I also uploaded the source package to people.d.o, you'll find it at
dget -x
https://peop
