Debian LTS DLA-4169-1: dropbear local command execution risk fixed

Marcin Nowak discovered that dbclient(1) hostname arguments with a comma (for multihop) are passed to the shell which could result in running arbitrary shell commands locally. That could be a security issue in situations where dbclient(1) is passed untrusted hostname arguments.LinuxSecurity – Security AdvisoriesRead More