-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 19 May 2017 12:47:40 +0200
Source: dropbear
Binary: dropbear
Architecture: source amd64
Version: 2014.65-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Guilhem Moulin <guilhem@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Description:
 dropbear   - lightweight SSH2 server and client
Closes: 862970
Changes:
 dropbear (2014.65-1+deb8u2) stable-security; urgency=high
 .
   * Backport security fixes from 2017.75 (closes: #862970):
     - Fix double-free in server TCP listener cleanup.
       A double-free in the server could be triggered by an authenticated
       user if dropbear is running with -a (Allow connections to forwarded
       ports from any host). This could potentially allow arbitrary code
       execution as root by an authenticated user.
     - Fix information disclosure with ~/.ssh/authorized_keys symlink.
       Dropbear parsed authorized_keys as root, even if it were a symlink.
       The fix is to switch to user permissions when opening authorized_keys.
       A user could symlink their ~/.ssh/authorized_keys to a root-owned file
       they couldn't normally read. If they managed to get that file to
       contain valid authorized_keys with command= options it might be
       possible to read other contents of that file. This information
       disclosure is to an already authenticated user.
Checksums-Sha1:
 cbaa65607d2a25d0bda3b9398cf8871f48ab6d7e 1720 dropbear_2014.65-1+deb8u2.dsc
 a15c03c89c405a34894322f158298bff034a138e 1858657 dropbear_2014.65.orig.tar.gz
 8b898e0bfdd1fd2ae50a3f750e88929d3db4d7f9 13872 dropbear_2014.65-1+deb8u2.diff.gz
 eb7d08872fa2016a87f3c5fdf1d72433fd145808 180526 dropbear_2014.65-1+deb8u2_amd64.deb
Checksums-Sha256:
 292ba94e3c415fd3f73cf09b6250c577ce86ba60a44bb499d8d9f27b5a0e456b 1720 dropbear_2014.65-1+deb8u2.dsc
 134259f52550d08353669dce1bc610a2cc2861949f9e52f924e6d096b1959d59 1858657 dropbear_2014.65.orig.tar.gz
 83fb1485b409ba8308245db5595f129e2a85ad23ba1e7a5c4e11872536da1aa0 13872 dropbear_2014.65-1+deb8u2.diff.gz
 1e3259cfee5e284ca7c6ba45a73e38d28ffbcf7ad0881b5a4267632fbbd43d3a 180526 dropbear_2014.65-1+deb8u2_amd64.deb
Files:
 19a02bc26b380d2e33e3db1f9db08671 1720 net optional dropbear_2014.65-1+deb8u2.dsc
 e11ed8597693c0165b72606d627df7d1 1858657 net optional dropbear_2014.65.orig.tar.gz
 eb02a92525699743dc01ea6e9a92eba0 13872 net optional dropbear_2014.65-1+deb8u2.diff.gz
 5cd30e769773ea393a6bfd03220b55cd 180526 net optional dropbear_2014.65-1+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAlkfBFQACgkQ05pJnDwh
pVJJ9A//ZxoV24ZRKGF56Y3eB8e8G2fbOhpBHxJoirhw6415/LZYFC0RlcCMUbsg
NHM8V3pTq34j0jpyOEaub4Caj2Bx8SUM5w7l6pnkYspNtsGcEzj+9gLHSM0ycRTt
+7SshrXQd3qkDcXyOKsgdC7YcOkVGYDoIToAzFyfkm8HPGNqpmubnoiKN8Cc4qYw
wC8pwuDDKgor4/LLv0/Gv2jaFqPllNsVjSkv6+pw/+XNpkUXjissyYE074CSGyJa
WOfGmUN8UytNmgpu0LvGK/XxG0zMqKQJg8/NzfDi7Kp29YQ5c8guXJRu6cyKb2oI
PhQPmSh4uAToQ6whVH9f+p7zX+gs7sAW7i86hAD42veflHjclQqHdsYEW55pgs1x
adxSc0UnHK6bL7VfD1ndR5/hKVTzCoVptTDLbif9hYA8OO3TmxxMwcLamC8Cdcwb
MOu9vX1d3JbsrsmPiLazpfDL6mxxCC3RGxAYKMmLMJOSGV2SvMUFBEcJbyUB1eam
kBx5gjPzprhc8HMuf9NKtUvRj/+9V6nNR0uQq8vfy5adIaJG6/DmanAMszBwsn9p
zSorUNIf+giVoyXmtgpoQL+G/zC3dWv8bmJ/iVoOJ7Nq4GvQ6EuHAQok8suzoyWY
wSdtSNeMB8lVPWia7A6ou85bP+a0ES4QYeIp+RJyeSNUaO6zwkA=
=Cxoe
-----END PGP SIGNATURE-----
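The authorized_keys fix in the changelog above switches to the user's permissions before opening the file, so that a symlink to a root-only file fails with the user's own EACCES instead of being parsed by root. The following is an added example, not dropbear's code, showing that pattern in Python together with two defence-in-depth checks the changelog does not mention but a practitioner would add: refusing to follow a symlink at all (O_NOFOLLOW) and confirming via fstat on the open descriptor that the file is a regular file owned by the expected user. The function name, its arguments and the sample file are this example's own.

```python
"""Read a user's ~/.ssh/authorized_keys without root's read privileges and
without following a symlink.  Added example; not dropbear's own code."""
import os
import pwd
import stat


def read_authorized_keys(path, expected_uid, expected_gid=None):
    """Return the file's bytes, or None if the file must not be trusted.

    1. If we run as root and the target user is not root, switch effective
       gid/uid to the user before opening, so the kernel applies the user's
       read permission rather than root's (the approach in the changelog).
    2. O_NOFOLLOW: refuse a symlink at the final path component outright.
    3. fstat the open descriptor (not the path): require a regular file owned
       by the user, so the check and the read refer to the same inode.
    """
    saved_uid, saved_gid = os.geteuid(), os.getegid()
    switched = False
    if saved_uid == 0 and expected_uid != 0:
        if expected_gid is None:
            expected_gid = pwd.getpwuid(expected_uid).pw_gid
        os.setegid(expected_gid)          # group first, while still root
        os.seteuid(expected_uid)
        switched = True
    try:
        try:
            fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NOCTTY)
        except OSError:
            # ELOOP: last component is a symlink.  EACCES/ENOENT: the user
            # could not read this file on their own, so neither will we.
            return None
        try:
            st = os.fstat(fd)
            if not stat.S_ISREG(st.st_mode) or st.st_uid != expected_uid:
                return None
            chunks = []
            while True:
                buf = os.read(fd, 65536)
                if not buf:
                    break
                chunks.append(buf)
            return b"".join(chunks)
        finally:
            os.close(fd)
    finally:
        if switched:
            os.seteuid(saved_uid)         # uid first, so we may reset the gid
            os.setegid(saved_gid)


if __name__ == "__main__":
    import tempfile
    # Constructed demonstration: a regular file and a symlink pointing at it.
    d = tempfile.mkdtemp()
    real = os.path.join(d, "authorized_keys")
    with open(real, "wb") as f:
        f.write(b"ssh-ed25519 AAAA-placeholder-not-a-real-key user@host\n")
    link = os.path.join(d, "authorized_keys_link")
    os.symlink(real, link)
    print("regular file:", read_authorized_keys(real, os.getuid()))
    print("symlink:     ", read_authorized_keys(link, os.getuid()))
```

Run as an unprivileged user the uid switch is skipped (there is nothing to drop) and only the O_NOFOLLOW and ownership checks act; run as root for a non-root user, the open happens with that user's effective credentials exactly as the changelog's fix intends, and the fstat check additionally rejects a file the user can read but does not own.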
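The Checksums-Sha256 field of the .changes file above is what a downloader checks the archive files against. The following is an added example, not part of the advisory or of Debian's own tooling, that parses that field from control-style text and verifies files on disk, reporting missing files, size mismatches and digest mismatches separately. CHANGES_EXCERPT quotes the advisory's own values; the function names and the constructed sample files are this example's own. It establishes integrity only: authenticity of the listed digests still comes from checking the PGP signature (for instance with gpg --verify or dscverify from devscripts), which this example does not do.

```python
"""Verify files against the Checksums-Sha256 (or Checksums-Sha1) field of a
Debian .changes file.  Added example; not part of the advisory or of dpkg."""
import hashlib
import os

# Quoted from the advisory above; used as sample input for parse_checksums().
CHANGES_EXCERPT = """\
Checksums-Sha256:
 292ba94e3c415fd3f73cf09b6250c577ce86ba60a44bb499d8d9f27b5a0e456b 1720 dropbear_2014.65-1+deb8u2.dsc
 134259f52550d08353669dce1bc610a2cc2861949f9e52f924e6d096b1959d59 1858657 dropbear_2014.65.orig.tar.gz
 83fb1485b409ba8308245db5595f129e2a85ad23ba1e7a5c4e11872536da1aa0 13872 dropbear_2014.65-1+deb8u2.diff.gz
 1e3259cfee5e284ca7c6ba45a73e38d28ffbcf7ad0881b5a4267632fbbd43d3a 180526 dropbear_2014.65-1+deb8u2_amd64.deb
Files:
 19a02bc26b380d2e33e3db1f9db08671 1720 net optional dropbear_2014.65-1+deb8u2.dsc
"""


def parse_checksums(changes_text, field="Checksums-Sha256"):
    """Return {filename: (hexdigest, size)} for one multi-line checksum field.

    Control-style fields continue on lines that start with a space and end at
    the next non-indented line.  Only the requested field is read, so the
    differently shaped 'Files:' entries (md5 size section priority name) are
    never mis-parsed as checksum lines.
    """
    entries = {}
    in_field = False
    for line in changes_text.splitlines():
        if in_field:
            if line.startswith(" ") and line.strip():
                digest, size, name = line.split()
                entries[name] = (digest.lower(), int(size))
                continue
            in_field = False
        if line.strip() == field + ":":
            in_field = True
    return entries


def verify_checksums(changes_text, directory, field="Checksums-Sha256"):
    """Return {filename: status} with status one of ok, missing,
    size-mismatch, digest-mismatch.  Size is checked first: it is cheap, and
    a wrong size means the digest cannot match either."""
    algo = field.split("-", 1)[1].lower()            # "sha256" or "sha1"
    results = {}
    for name, (expected, size) in parse_checksums(changes_text, field).items():
        # basename(): a hostile .changes file must not make us read outside
        # the download directory.
        path = os.path.join(directory, os.path.basename(name))
        if not os.path.isfile(path):
            results[name] = "missing"
            continue
        if os.path.getsize(path) != size:
            results[name] = "size-mismatch"
            continue
        h = hashlib.new(algo)
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(1 << 16), b""):
                h.update(chunk)
        results[name] = "ok" if h.hexdigest() == expected else "digest-mismatch"
    return results


if __name__ == "__main__":
    import tempfile
    # Constructed demonstration: one correct file, one tampered, one absent.
    # ba7816bf... is sha256(b"abc").
    sample = ("Checksums-Sha256:\n"
              " ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad 3 good.deb\n"
              " ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad 3 bad.deb\n"
              " ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad 3 gone.deb\n")
    d = tempfile.mkdtemp()
    with open(os.path.join(d, "good.deb"), "wb") as f:
        f.write(b"abc")
    with open(os.path.join(d, "bad.deb"), "wb") as f:
        f.write(b"abd")
    for name, status in sorted(verify_checksums(sample, d).items()):
        print(f"{name}: {status}")
```

Pointing verify_checksums at the full .changes text and the directory holding the downloaded .dsc, .orig.tar.gz, .diff.gz and .deb reproduces the check that dpkg-source and the archive software perform before they trust an upload; any status other than ok means the file on disk is not the one the signed advisory describes.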