Hi all, Dropbear SSH 2016.72 is released. This has a single change, a security fix. If X11 forwarding is enabled a user could bypass any "command=" restrictions in authorized_keys and run any command as their own user (or perform other operations allowed by the "xauth" binary such as writing files). It does not affect systems where command= restrictions are not used.
As usual downloads are at https://matt.ucc.asn.au/dropbear/dropbear.html The patch is https://secure.ucc.asn.au/hg/dropbear/rev/a3e8389e01ff Cheers, Matt 2016.72 - 9 March 2016 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, found by github.com/tintinweb. Thanks to Damien Miller for a patch.
