Post from 2025-05-13 05:46:51
[oss-security] Dropbear SSH 2025.88 fixes CVE-2025-47203
https://seclists.org/oss-sec/2025/q2/116
"Don't allow dbclient hostname arguments to be interpreted by the shell."
Sounds like fun on many embedded devices :) Original announcement:
https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q2/002385.html
permalink
|
main