Mercurial > dropbear
comparison CHANGES @ 661:c015af8a71cf
2012.55
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 22 Feb 2012 22:12:15 +0800 |
| parents | 3f12086c2ef2 |
| children | d354464b2aa6 |
comparison
equal
deleted
inserted
replaced
| 660:a842469ce8ad | 661:c015af8a71cf |
|---|---|
| 1 2012.55 - Wednesday 22 February 2012 | |
| 2 | |
| 3 - Security: Fix use-after-free bug that could be triggered when multiple command sessions were | |
| 4 made when a command="" authorized_keys restriction was in effect. Possible arbitrary | |
| 5 code execution to an authenticated user, and probable bypass of the command="" restriction. | |
| 6 CVE-2012-0920. Thanks to Danny Fullerton of Mantor Organization for reporting the bug | |
| 7 | |
| 8 - Compile fix, only apply IPV6 socket options if they are available in headers | |
| 9 Thanks to Gustavo Zacarias for the patch | |
| 10 | |
| 11 - Clear key memory on exit | |
| 12 | |
| 13 - Fix minor memory leak in unusual PAM authentication configurations. | |
| 14 Thanks to Stathis Voukelatos | |
| 15 | |
| 16 - Other small code cleanups | |
| 17 | |
| 1 2011.54 - Tuesday 8 November 2011 | 18 2011.54 - Tuesday 8 November 2011 |
| 2 | 19 |
| 3 - Building statically works again, broke in 0.53 and 0.53.1 | 20 - Building statically works again, broke in 0.53 and 0.53.1 |
| 4 | 21 |
| 5 - Fix crash when forwarding with -R | 22 - Fix crash when forwarding with -R |