[ubuntu/quantal] dropbear 2012.55-1 (Accepted)

Julian Taylor jtaylor.debian at googlemail.com
Mon Apr 30 16:16:10 UTC 2012


dropbear (2012.55-1) unstable; urgency=high

  * New upstream release.
    * Fix use-after-free bug that could be triggered if command="..."
      authorized_keys restrictions are used.  Could allow arbitrary
      code execution or bypass of the command="..." restriction to an
      authenticated user.  This bug affects releases 0.52 onwards.
      Ref CVE-2012-0920 (closes: #661150).  Thanks to Danny Fullerton
      of Mantor Organization for reporting the bug.

Date: 2012-02-28 03:23:00.813297+00:00
Signed-By: Julian Taylor <jtaylor.debian at googlemail.com>
https://launchpad.net/ubuntu/quantal/+source/dropbear/2012.55-1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Quantal-changes mailing list