Ubuntu
dropbear package

CVE-2016-7406 - remote code execution in dropbear SSH

Bug #1643638 reported by Sven Mueller on 2016-11-21

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	dropbear (Ubuntu)	Expired	Undecided	Unassigned

Bug Description

Upstream fix is (apparently): https://secure.ucc.asn.au/hg/dropbear/rev/b66a483f3dcb

CVE References

2016-7406

Sven Mueller (smu-u) on 2016-11-21

information type:

Private Security → Public Security

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2016-12-01:

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Changed in dropbear (Ubuntu):
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-01-31:

[Expired for dropbear (Ubuntu) because there has been no activity for 60 days.]

Changed in dropbear (Ubuntu):
status:	Incomplete → Expired

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntudropbear package