* [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88
@ 2025-05-09 4:19 Kadambini Nema
2025-05-09 4:40 ` Baruch Siach via buildroot
2025-05-18 14:39 ` Arnout Vandecappelle via buildroot
0 siblings, 2 replies; 4+ messages in thread
From: Kadambini Nema @ 2025-05-09 4:19 UTC (permalink / raw)
To: buildroot; +Cc: Kadambini Nema
Fixes CVE-2025-47203.
https://security-tracker.debian.org/tracker/CVE-2025-47203
Release notes:
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.88
https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.87
Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
---
package/dropbear/dropbear.hash | 2 +-
package/dropbear/dropbear.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
index cf2dd18d61..b18aca3aab 100644
--- a/package/dropbear/dropbear.hash
+++ b/package/dropbear/dropbear.hash
@@ -1,5 +1,5 @@
# From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
-sha256 e78936dffc395f2e0db099321d6be659190966b99712b55c530dd0a1822e0a5e dropbear-2024.86.tar.bz2
+sha256 783f50ea27b17c16da89578fafdb6decfa44bb8f6590e5698a4e4d3672dc53d4 dropbear-2025.88.tar.bz2
# License file, locally computed
sha256 a99ce657d790b761c132ee7e0de18edb437ae6361e536d991c6a12f36e770445 LICENSE
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index e043893aa1..c383212e76 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -4,7 +4,7 @@
#
################################################################################
-DROPBEAR_VERSION = 2024.86
+DROPBEAR_VERSION = 2025.88
DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
DROPBEAR_LICENSE = MIT, BSD-2-Clause, Public domain
--
2.25.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88
2025-05-09 4:19 [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88 Kadambini Nema
@ 2025-05-09 4:40 ` Baruch Siach via buildroot
2025-05-13 9:44 ` Peter Korsgaard
2025-05-18 14:39 ` Arnout Vandecappelle via buildroot
1 sibling, 1 reply; 4+ messages in thread
From: Baruch Siach via buildroot @ 2025-05-09 4:40 UTC (permalink / raw)
To: Kadambini Nema; +Cc: buildroot
Hi Kadambini Nema,
On Thu, May 08 2025, Kadambini Nema wrote:
> Fixes CVE-2025-47203.
> https://security-tracker.debian.org/tracker/CVE-2025-47203
>
> Release notes:
> https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.88
> https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.87
The 2025.87 release removed SHA-1 from the default build. See my comment
on Bernd's suggested 2025.87 bump patch:
https://lore.kernel.org/all/874j02d3h7.fsf@tarshish/
https://lore.kernel.org/all/20250309083216.824179-1-bernd@kuhls.net/
baruch
> Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
> ---
> package/dropbear/dropbear.hash | 2 +-
> package/dropbear/dropbear.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
> index cf2dd18d61..b18aca3aab 100644
> --- a/package/dropbear/dropbear.hash
> +++ b/package/dropbear/dropbear.hash
> @@ -1,5 +1,5 @@
> # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
> -sha256 e78936dffc395f2e0db099321d6be659190966b99712b55c530dd0a1822e0a5e dropbear-2024.86.tar.bz2
> +sha256 783f50ea27b17c16da89578fafdb6decfa44bb8f6590e5698a4e4d3672dc53d4 dropbear-2025.88.tar.bz2
>
> # License file, locally computed
> sha256 a99ce657d790b761c132ee7e0de18edb437ae6361e536d991c6a12f36e770445 LICENSE
> diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
> index e043893aa1..c383212e76 100644
> --- a/package/dropbear/dropbear.mk
> +++ b/package/dropbear/dropbear.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -DROPBEAR_VERSION = 2024.86
> +DROPBEAR_VERSION = 2025.88
> DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
> DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
> DROPBEAR_LICENSE = MIT, BSD-2-Clause, Public domain
--
~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch@tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88
2025-05-09 4:19 [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88 Kadambini Nema
2025-05-09 4:40 ` Baruch Siach via buildroot
@ 2025-05-18 14:39 ` Arnout Vandecappelle via buildroot
1 sibling, 0 replies; 4+ messages in thread
From: Arnout Vandecappelle via buildroot @ 2025-05-18 14:39 UTC (permalink / raw)
To: Kadambini Nema, buildroot
On 09/05/2025 06:19, Kadambini Nema wrote:
> Fixes CVE-2025-47203.
> https://security-tracker.debian.org/tracker/CVE-2025-47203
>
> Release notes:
> https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.88
> https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2025.87
>
> Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Applied to 2025.02.x, thanks.
Regards,
Arnout
> ---
> package/dropbear/dropbear.hash | 2 +-
> package/dropbear/dropbear.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/dropbear/dropbear.hash b/package/dropbear/dropbear.hash
> index cf2dd18d61..b18aca3aab 100644
> --- a/package/dropbear/dropbear.hash
> +++ b/package/dropbear/dropbear.hash
> @@ -1,5 +1,5 @@
> # From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
> -sha256 e78936dffc395f2e0db099321d6be659190966b99712b55c530dd0a1822e0a5e dropbear-2024.86.tar.bz2
> +sha256 783f50ea27b17c16da89578fafdb6decfa44bb8f6590e5698a4e4d3672dc53d4 dropbear-2025.88.tar.bz2
>
> # License file, locally computed
> sha256 a99ce657d790b761c132ee7e0de18edb437ae6361e536d991c6a12f36e770445 LICENSE
> diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
> index e043893aa1..c383212e76 100644
> --- a/package/dropbear/dropbear.mk
> +++ b/package/dropbear/dropbear.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -DROPBEAR_VERSION = 2024.86
> +DROPBEAR_VERSION = 2025.88
> DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
> DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
> DROPBEAR_LICENSE = MIT, BSD-2-Clause, Public domain
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-05-18 14:39 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-09 4:19 [Buildroot] [PATCH 1/1] package/dropbear: security bump to version 2025.88 Kadambini Nema
2025-05-09 4:40 ` Baruch Siach via buildroot
2025-05-13 9:44 ` Peter Korsgaard
2025-05-18 14:39 ` Arnout Vandecappelle via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.