Advisories ยป MGASA-2025-0158

Updated dropbear packages fix security vulnerability

Publication date: 16 May 2025
Modification date: 16 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-47203

Description

dbclient in Dropbear SSH before 2025.88 allows command injection via an
untrusted hostname argument, because a shell is used.

References

SRPMS

9/core