Softpedia >Linux >System >System Administration >Dropbear SSH >  Changelog

Dropbear SSH Changelog

What's new in Dropbear SSH 2012.55

Feb 25, 2012
  • This version fixes a security bug that could allow code execution as root by an authenticated user if a command="..." option is used in authorized_keys.
  • It also includes various minor fixes and cleanups.

New in Dropbear SSH 2011.54 (Nov 9, 2011)

  • This is primarily a bugfix release, fixing static build problems and crashes with -R forwarding.
  • IPv6 support has been improved and a number of minor leaks have been fixed.

New in Dropbear SSH 0.53 (Feb 25, 2011)

  • Various performance/memory use improvements
  • Client agent forwarding now works, using OpenSSH's ssh-agent
  • Improve robustness of client multihop mode
  • Fix a prime generation bug in bundled libtommath. This is unlikely to have generated any bad keys in the wild.
  • Attempt to build against system libtomcrypt/libtommath if available. This can be disabled with ./configure --enable-bundled-libtom
  • Make -K (keepalive) and -I (idle timeout) work together sensibly in the client. The idle timeout is no longer reset by SSH_MSG_IGNORE packets.
  • Compile fix if ENABLE_CLI_PROXYCMD is disabled
  • /usr/bin/X11/xauth is now the default path
  • Client remote forward (-L/-R) arguments now accept a listen address
  • In uClinux avoid trashing the parent process when a session exits
  • Blowfish is now disabled by default since it has large memory usage
  • Add option to change zlib windowbits/memlevel. Use less memory by default
  • DROPBEAR_SMALL_CODE is now disabled by default
  • SSH_ORIGINAL_COMMAND environment variable is set by the server when an authorized_keys command is specified.
  • Set SSH_TTY and SSH_CONNECTION environment variables in the server
  • Client banner is now printed to standard error rather than standard output
  • Capitalisation in many log messages has been made consistent. This may affect scripts that parse logfiles.

New in Dropbear SSH 0.52 (Nov 12, 2008)

  • A few improvements were made to the client, such as support for multihop connections (useful for scp/rsync), [email protected] compression, and sftp subsystem support.
  • The server portion now supports some restrictions in authorized_key entries.
  • The release also has a few minor bugfixes.