# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1457535255 -28800
# Node ID 2c23d72e06b21252eb9c04cc478af688bac709dd
# Parent  a3e8389e01ffeb0375128d5e7d5407180ade7c4e
2016.72

diff -r a3e8389e01ff -r 2c23d72e06b2 CHANGES
--- a/CHANGES	Wed Mar 09 22:45:40 2016 +0800
+++ b/CHANGES	Wed Mar 09 22:54:15 2016 +0800
@@ -1,3 +1,8 @@
+2016.72 - 9 March 2016
+
+- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
+  found by github.com/tintinweb. Thanks for Damien Miller for a patch.
+
 2015.71 - 3 December 2015
 
 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69
diff -r a3e8389e01ff -r 2c23d72e06b2 sysoptions.h
--- a/sysoptions.h	Wed Mar 09 22:45:40 2016 +0800
+++ b/sysoptions.h	Wed Mar 09 22:54:15 2016 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2015.71"
+#define DROPBEAR_VERSION "2016.72"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION