mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-17 23:36:17 +01:00
7c84bd121a
Security fixes: - Message printout was vulnerable to format string injection - dropbearconvert import of OpenSSH keys could run arbitrary code as the local dropbearconvert user when parsing malicious key files - dbclient could run arbitrary code as the local dbclient user if particular -m or -c arguments are provided - dbclient or dropbear server could expose process memory to the running user if compiled with DEBUG_TRACE and running with -v Fixes: - Fix port forwarding failure when connecting to domains that have both IPv4 and IPv6 addresses. The bug was introduced in 2015.68 - Fix 100% CPU use while waiting for rekey to complete |
||
---|---|---|
.. | ||
default.nix | ||
pass-path.patch |