changeset 1230:2c23d72e06b2

2016.72
author Matt Johnston <matt@ucc.asn.au>
date Wed, 09 Mar 2016 22:54:15 +0800
parents a3e8389e01ff
children 78b12b6549be
files CHANGES sysoptions.h
diffstat 2 files changed, 6 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/CHANGES	Wed Mar 09 22:45:40 2016 +0800
+++ b/CHANGES	Wed Mar 09 22:54:15 2016 +0800
@@ -1,3 +1,8 @@
+2016.72 - 9 March 2016
+
+- Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions,
+  found by github.com/tintinweb. Thanks for Damien Miller for a patch.
+
 2015.71 - 3 December 2015
 
 - Fix "bad buf_incrpos" when data is transferred, broke in 2015.69
--- a/sysoptions.h	Wed Mar 09 22:45:40 2016 +0800
+++ b/sysoptions.h	Wed Mar 09 22:54:15 2016 +0800
@@ -4,7 +4,7 @@
  *******************************************************************/
 
 #ifndef DROPBEAR_VERSION
-#define DROPBEAR_VERSION "2015.71"
+#define DROPBEAR_VERSION "2016.72"
 #endif
 
 #define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION