10.03.2016, 15:59, "Matt Johnston" :
> Hi all,
>
> Dropbear SSH 2016.72 is released. This has a single change, a
> security fix. If X11 forwarding is enabled a user could
> bypass any "command=" restrictions in authorized_keys and run
> any command as their own user (or perform
Hi all,
Dropbear SSH 2016.72 is released. This has a single change, a
security fix. If X11 forwarding is enabled a user could
bypass any "command=" restrictions in authorized_keys and run
any command as their own user (or perform other operations
allowed by the "xauth" binary such as writing