Paketname
dropbear
Datum
2013-10-28
Advisory ID
MDVSA-2013:261
Betroffene Versionen
MBS1 x86_64

Problembeschreibung

Updated dropbear package fixes security vulnerability:

Possible memory exhaustion denial of service due to the size of
decompressed payloads in dropbear before 2013.59 (CVE-2013-4421).

Inconsistent delays in authorization failures could be used to
disclose the existence of valid user accounts in dropbear before
2013.59 (CVE-2013-4434).

Aktualisierte Pakete

MBS1 x86_64

 e6cee9d673e5a152566520e725f19c30  mbs1/x86_64/dropbear-2013.59-1.mbs1.x86_64.rpm 
 241598b35ee5860ad4cd39116b7899e4  mbs1/SRPMS/dropbear-2013.59-1.mbs1.src.rpm

Referenzen