SECURITY NOTICE : Update Dropbear in Deb6 Stable from Deb6 Testing
Dropbear home page
"Security update 2012.55 — releases from 0.52 to 2011.54 are potentially vulnerable to code execution as root by an authenticated user if a command="..." option is used in authorized_keys. Release 2012.55 fixes the problem."
Debian stable (squeeze) is running Dropbear sshd v0.52.
Debian testing (wheezy) includes Dropbear sshd v2012.55
Luckily, you can install Dropbear sshd v2012.55 from the testing repo on your stable system without breaking anything.
1) Add testing to your /etc/apt/sources.list
2) Create an /etc/apt/preferences file that tells apt the priority order for version control between stable, testing, unsable.
3) apt-get update
4) apt-get install dropbear/testing
Read and learn
Have fun and stay safe kids!
Credits go to John H. Robinson, IV email@example.com for the doc on apt pinning.
Signatures are to identify who I am. I'm me. Who the hell are you?