|
The upgrade addresses CVE-2016-3116:
- Validate X11 forwarding input. Could allow bypass of
authorized_keys command= restrictions,
found by github.com/tintinweb.
Thanks for Damien Miller for a patch. CVE-2016-3116
References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116
(From OE-Core rev: 5ebac39d1d6dcf041e05002c0b8bf18bfb38e6d3)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|