~ubuntu-branches/ubuntu/trusty/dropbear/trusty

Viewing all changes in revision 18.

  • Committer: Package Import Robot
  • Author(s): Gerrit Pape
  • Date: 2012-02-27 14:18:53 UTC
  • mfrom: (1.3.8) (14.1.3 sid)
  • Revision ID: package-import@ubuntu.com-20120227141853-qid825t7wamjk5fc
Tags: 2012.55-1
* New upstream release.
  * Fix use-after-free bug that could be triggered if command="..."
    authorized_keys restrictions are used.  Could allow arbitrary
    code execution or bypass of the command="..." restriction to an
    authenticated user.  This bug affects releases 0.52 onwards.
    Ref CVE-2012-0920 (closes: #661150).  Thanks to Danny Fullerton
    of Mantor Organization for reporting the bug.

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: