This vulnerability is located within the Dropbear daemon and occurs due
to the way the server manages channels concurrency. A specially crafted
request can trigger a `use after free` condition which can be used to
execute arbitrary code under root privileges provided the user has been
authenticated using a public key (authorized_keys file) and a command
restriction is enforced (command option).
Upgrade to 2012.55
2012-01-24 - Vulnerability reported to vendor.
2012-02-24 - Coordinated public release of advisory.
in the tree
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Is sys-libs/zlib-188.8.131.52-r2 good to go stable?
sys-libs/zlib-1.2.6 might be too new.
Can you respond to jer's question?
i rewrote the dep to not require newer zlib
Stable for HPPA.
Stable on alpha.
Thanks, everyone GLSA request filed.
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54,
when command restriction and public key authentication are enabled, allows
remote authenticated users to execute arbitrary code and bypass command
restrictions via multiple crafted command requests, related to "channels
This issue was resolved and addressed in
GLSA 201309-20 at http://security.gentoo.org/glsa/glsa-201309-20.xml
by GLSA coordinator Chris Reffett (creffett).