Debian Linux Security Advisory 2976-1 - Stephane Chazelas discovered that the GNU C library, glibc, processed ".." path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings.
94c9d56b614e336f0300c3fd5f848715f37c4785060190c3964e8ca986c48b52