update to dropbear-2025.89
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
- Don't limit channel window to 500MB. That is could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
and some others
update to dropbear-2025.89
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear
server. Other programs on a system may authenticate unix sockets via
SO_PEERCRED, which would be root user for Dropbear forwarded connections
- Security: Include scp fix for CVE-2019-6111. This allowed
a malicious server to overwrite arbitrary local files.
- Don't limit channel window to 500MB. That is could cause stuck connections
if peers advise a large window and don't send an increment within 500MB.
Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671
and some others