Comment 16 for bug 976360

This bug was fixed in the package dropbear - 2012.55-1

---------------
dropbear (2012.55-1) unstable; urgency=high

  * New upstream release.
    * Fix use-after-free bug that could be triggered if command="..."
      authorized_keys restrictions are used. Could allow arbitrary
      code execution or bypass of the command="..." restriction to an
      authenticated user. This bug affects releases 0.52 onwards.
      Ref CVE-2012-0920 (closes: #661150). Thanks to Danny Fullerton
      of Mantor Organization for reporting the bug.

 -- Gerrit Pape <email address hidden> Mon, 27 Feb 2012 14:18:53 +0000