Format: 1.8
Date: Tue, 16 Dec 2025 20:36:49 +0100
Source: dropbear
Binary: dropbear-bin dropbear-bin-dbgsym
Architecture: ppc64el
Version: 2025.89-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02)
Changed-By: Guilhem Moulin
Description:
 dropbear-bin - lightweight SSH2 server and client - command line tools
Closes: 1123069
Changes:
 dropbear (2025.89-1~deb13u1) trixie-security; urgency=high
 .
   * New upstream security and bugfix release (closes: #1123069).
     + Fix CVE-2025-14282: Privilege escalation via unix stream forwarding
       in Dropbear server.  Other programs on a system may authenticate
       unix sockets via SO_PEERCRED, which would be root user for Dropbear
       forwarded connections, allowing root privilege escalation.
     + The server now drops privileges of the dropbear process after
       authentication.
     + Remote server TCP socket forwarding will now use OS privileged port
       restrictions rather than having a fixed "allow >=1024 for non-root"
       rule.
     + Unix stream sockets are now disallowed when a forced command is
       used, either with authorized_key restrictions or
       "dropbear -c command".
   * DEP-8: Add "Depends: e2fsprogs" to remote-unlocking test.