-----------------------------------------------------------------------------
Matt Johnston wrote:
There is a potential security issue, which may allow authenticated users to run arbitrary code as the server user. I'm unsure exactly how likely it is to be exploitable, but anyone who's running a multi-user server is advised to upgrade or patch.
------------------------------------------------------------------------------
I have re-compiled the Dropbear 0.44 SSH server released with FREESCO v0.3.4 and included the security patch. It available for download and installation. If you do not have multiple clients connecting and using FREESCO's built in SSH server then this upgrade is not necessary.
How to install from a command line on a hard drive install ONLY type:
cd /boot/bin
snarf <a href='http://www.freesco.net/034/dropbear' target='_blank'>http://www.freesco.net/034/dropbear</a>
chmod +x dropbear
rc_sshd restart
Regards,
Lewis Baughman