mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-06-01 13:09:50 +00:00

Commit Graph

Author	SHA1	Message	Date
Sona Sarmadi	58538b0703	dropbear: upgrade to 2016.72 The upgrade addresses CVE-2016-3116: - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116 References: https://matt.ucc.asn.au/dropbear/CHANGES https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 (From OE-Core rev: 5ebac39d1d6dcf041e05002c0b8bf18bfb38e6d3) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2016-09-23 15:27:05 +01:00

Author

SHA1

Message

Date

Sona Sarmadi

58538b0703

dropbear: upgrade to 2016.72

The upgrade addresses CVE-2016-3116:

- Validate X11 forwarding input. Could allow bypass of
  authorized_keys command= restrictions,
  found by github.com/tintinweb.
  Thanks for Damien Miller for a patch. CVE-2016-3116

References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116

(From OE-Core rev: 5ebac39d1d6dcf041e05002c0b8bf18bfb38e6d3)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2016-09-23 15:27:05 +01:00

1 Commits