Mercurial > dropbear

diff CHANGES @ 1230:2c23d72e06b2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
2016.72
author Matt Johnston <matt@ucc.asn.au>
date Wed, 09 Mar 2016 22:54:15 +0800
parents 9a944a243f08
children 32cdbbe4b67e
line wrap: on
line diff
--- a/CHANGES	Wed Mar 09 22:45:40 2016 +0800
+++ b/CHANGES	Wed Mar 09 22:54:15 2016 +0800
@@ -1,3 +1,8 @@
+2016.72 - 9 March 2016
+
+- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
+  found by github.com/tintinweb. Thanks for Damien Miller for a patch.
+
 2015.71 - 3 December 2015
 
 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69