-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2012-6477 2012-07-20 23:46:10 --------------------------------------------------------------------------------

Name : dropbear Product : Fedora EPEL 5 Version : 0.55 Release : 1.el5 URL : http://matt.ucc.asn.au/dropbear/dropbear.html Summary : SSH2 server and client Description : Dropbear is a relatively small SSH 2 server and client. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers.

-------------------------------------------------------------------------------- Update Information:

Update to 0.55, fix CVE-2012-0920. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #783776 - 2011.54 is available https://bugzilla.redhat.com/show_bug.cgi?id=783776 [ 2 ] Bug #800657 - CVE-2012-0920 dropbear: use-after-free vulnerability [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=800657 [ 3 ] Bug #800656 - CVE-2012-0920 dropbear: use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=800656 --------------------------------------------------------------------------------

This update can be installed with the "yum" update programs. Use su -c 'yum update dropbear' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------