[ubuntu/quantal] dropbear 2012.55-1 (Accepted)
Julian Taylor
jtaylor.debian at googlemail.com
Mon Apr 30 16:16:10 UTC 2012
dropbear (2012.55-1) unstable; urgency=high
* New upstream release.
* Fix use-after-free bug that could be triggered if command="..."
authorized_keys restrictions are used. Could allow arbitrary
code execution or bypass of the command="..." restriction to an
authenticated user. This bug affects releases 0.52 onwards.
Ref CVE-2012-0920 (closes: #661150). Thanks to Danny Fullerton
of Mantor Organization for reporting the bug.
Date: 2012-02-28 03:23:00.813297+00:00
Signed-By: Julian Taylor <jtaylor.debian at googlemail.com>
https://launchpad.net/ubuntu/quantal/+source/dropbear/2012.55-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list