• Skip to sidebar navigation
  • Skip to content

Bitbucket

  • More
    ProjectsRepositories
  • Help
    • Online help
    • Learn Git
    • Welcome to Bitbucket
    • Keyboard shortcuts
  • Log In
Alexander Dahl
  1. Alexander Dahl

buildroot

Public
Actions
  • Clone
  • Compare

Learn more about cloning repositories

You have read-only access

Navigation
  • Source
  • Commits
  • Branches
  • All Branches Graph
  • Forks

Commits

Peter Korsgaard
8213190bfa8
CVE-2017
Download this commit
Peter Korsgaard committed 8644a83bd8020 May 2017
dropbear: security bump to version 2017.75

Fixes:

- CVE-2017-9078: A double-free in the server could be triggered by an
  authenticated user if dropbear is running with -a (Allow connections to
  forwarded ports from any host) This could potentially allow arbitrary code
  execution as root by an authenticated user.  Affects versions 2013.56 to
  2016.74.  Thanks to Mark Shepard for reporting the crash.

- CVE-2017-9079: Dropbear parsed authorized_keys as root, even if it were a
  symlink.  The fix is to switch to user permissions when opening
  authorized_keys.
  A user could symlink their ~/.ssh/authorized_keys to a root-owned file
  they couldn't normally read.  If they managed to get that file to contain
  valid authorized_keys with command= options it might be possible to read
  other contents of that file.  This information disclosure is to an already
  authenticated user.  Thanks to Jann Horn of Google Project Zero for
  reporting this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
  • Git repository management for enterprise teams powered by Atlassian Bitbucket
  • Atlassian Bitbucket v6.7.2
  • Documentation
  • Request a feature
  • About
  • Contact Atlassian
Atlassian
»

Jira Issues

Close

Everything looks good. We'll let you know here if there's anything you should know about.