* [ptxdist] [PATCH 0/2] dropbear: version bump and cve product adaption
@ 2026-04-20 11:04 Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 1/2] dropbear: version bump 2025.88 -> 2025.89 Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 2/2] dropbear: add custom CVE product Alexander Dahl via ptxdist
0 siblings, 2 replies; 3+ messages in thread
From: Alexander Dahl via ptxdist @ 2026-04-20 11:04 UTC (permalink / raw)
To: ptxdist; +Cc: Alexander Dahl
Hello,
a new dropbear version is out, with bug fixes and security fixes.
Adapted the CPE string while at it. Tested briefly on at91 sam9x60
based armv5 target.
Greets
Alex
Alexander Dahl (2):
dropbear: version bump 2025.88 -> 2025.89
dropbear: add custom CVE product
rules/dropbear.make | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
base-commit: 9e28c99dd6a5b30c578b75deb71bd82d41fda429
--
2.47.3
^ permalink raw reply [flat|nested] 3+ messages in thread
* [ptxdist] [PATCH 1/2] dropbear: version bump 2025.88 -> 2025.89
2026-04-20 11:04 [ptxdist] [PATCH 0/2] dropbear: version bump and cve product adaption Alexander Dahl via ptxdist
@ 2026-04-20 11:04 ` Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 2/2] dropbear: add custom CVE product Alexander Dahl via ptxdist
1 sibling, 0 replies; 3+ messages in thread
From: Alexander Dahl via ptxdist @ 2026-04-20 11:04 UTC (permalink / raw)
To: ptxdist; +Cc: Alexander Dahl
Security update, plugs CVE-2025-14282 and CVE-2019-6111.
Plus some minor bugfixes.
Link: https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q4/002390.html
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
rules/dropbear.make | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rules/dropbear.make b/rules/dropbear.make
index 79cb8873e..fe44432c9 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_DROPBEAR) += dropbear
#
# Paths and names
#
-DROPBEAR_VERSION := 2025.88
-DROPBEAR_MD5 := 510165167b102589d64144cab4477b6c
+DROPBEAR_VERSION := 2025.89
+DROPBEAR_MD5 := 2816ff711130f030daee12cbb10fd5ec
DROPBEAR := dropbear-$(DROPBEAR_VERSION)
DROPBEAR_SUFFIX := tar.bz2
DROPBEAR_URL := \
--
2.47.3
^ permalink raw reply [flat|nested] 3+ messages in thread
* [ptxdist] [PATCH 2/2] dropbear: add custom CVE product
2026-04-20 11:04 [ptxdist] [PATCH 0/2] dropbear: version bump and cve product adaption Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 1/2] dropbear: version bump 2025.88 -> 2025.89 Alexander Dahl via ptxdist
@ 2026-04-20 11:04 ` Alexander Dahl via ptxdist
1 sibling, 0 replies; 3+ messages in thread
From: Alexander Dahl via ptxdist @ 2026-04-20 11:04 UTC (permalink / raw)
To: ptxdist; +Cc: Alexander Dahl
The autogenerated one does not match.
Link: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&orderBy=CPEURI&keyword=dropbear&status=FINAL&startIndex=60
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
rules/dropbear.make | 1 +
1 file changed, 1 insertion(+)
diff --git a/rules/dropbear.make b/rules/dropbear.make
index fe44432c9..921aeb9ad 100644
--- a/rules/dropbear.make
+++ b/rules/dropbear.make
@@ -32,6 +32,7 @@ DROPBEAR_LICENSE_FILES := \
file://libtomcrypt/LICENSE;md5=71baacc459522324ef3e2b9e052e8180 \
file://libtommath/LICENSE;md5=23e7e0a32e53a2b1d35f5fd9ef053402 \
file://src/loginrec.c;startline=1;endline=26;md5=0d785ee11fab1cead2c7fee9c35574f1
+DROPBEAR_CVE_PRODUCT := dropbear_ssh_project:dropbear_ssh
# ----------------------------------------------------------------------------
# Prepare
--
2.47.3
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-04-20 11:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-04-20 11:04 [ptxdist] [PATCH 0/2] dropbear: version bump and cve product adaption Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 1/2] dropbear: version bump 2025.88 -> 2025.89 Alexander Dahl via ptxdist
2026-04-20 11:04 ` [ptxdist] [PATCH 2/2] dropbear: add custom CVE product Alexander Dahl via ptxdist
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox