Thank you for the clarification. We are currently running *Kea 3.0.0*, so based on your response, we understand that this version is not impacted by the CVE referenced in USN-7759-1.
Appreciate your guidance. Best regards, Dipesh On Wed, Sep 24, 2025 at 10:27 PM <[email protected]> wrote: > Send Kea-users mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.isc.org/mailman/listinfo/kea-users > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Kea-users digest..." > > > Today's Topics: > > 1. Re: Inquiry regarding impact of USN-7759-1 on Kea DHCP > (Dipesh Kayastha) > 2. Re: Inquiry regarding impact of USN-7759-1 on Kea DHCP (Ben Scott) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 24 Sep 2025 22:07:43 +0530 > From: Dipesh Kayastha <[email protected]> > To: [email protected] > Subject: Re: [Kea-users] Inquiry regarding impact of USN-7759-1 on Kea > DHCP > Message-ID: > < > cakx_gjtlnrsxpwmfm6mbaxqd-svbenx-owcx55fsvzqknou...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hello Dan, > > Yes, this is different. https://ubuntu.com/security/notices/USN-7759-1 > > Regards, > Dipesh > > On Wed, Sep 24, 2025 at 9:38?PM <[email protected]> wrote: > > > Send Kea-users mailing list submissions to > > [email protected] > > > > To subscribe or unsubscribe via the World Wide Web, visit > > https://lists.isc.org/mailman/listinfo/kea-users > > or, via email, send a message with subject or body 'help' to > > [email protected] > > > > You can reach the person managing the list at > > [email protected] > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of Kea-users digest..." > > > > > > Today's Topics: > > > > 1. Inquiry regarding impact of USN-7759-1 on Kea DHCP > > (Dipesh Kayastha) > > 2. Re: Inquiry regarding impact of USN-7759-1 on Kea DHCP (Dan Oachs) > > 3. Re: Inquiry regarding impact of USN-7759-1 on Kea DHCP (Dan Oachs) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Wed, 24 Sep 2025 21:30:00 +0530 > > From: Dipesh Kayastha <[email protected]> > > To: [email protected] > > Subject: [Kea-users] Inquiry regarding impact of USN-7759-1 on Kea > > DHCP > > Message-ID: > > < > > cakx_gjuknrrleqctaxn9xmsw06wvo_g0ny-xn3zrnpcgkj5...@mail.gmail.com> > > Content-Type: text/plain; charset="utf-8" > > > > Hello Kea Team, > > > > > > Ubuntu recently published the following security notice: > > > > *USN-7759-1: [Title of the notice, e.g., ISC DHCP vulnerabilities]* > > > > https://ubuntu.com/security/notices/USN-7759-1 > > > > > > Could you please confirm if this advisory affects *Kea DHCP* in any way? > > > > We want to ensure that our deployments of Kea are not impacted by the > > vulnerabilities listed. > > > > > > Thank you for your guidance. > > > > > > Best regards, > > Dipesh > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > https://lists.isc.org/pipermail/kea-users/attachments/20250924/3b3c0379/attachment-0001.htm > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Wed, 24 Sep 2025 11:06:50 -0500 > > From: Dan Oachs <[email protected]> > > To: "Kea user's list" <[email protected]> > > Subject: Re: [Kea-users] Inquiry regarding impact of USN-7759-1 on Kea > > DHCP > > Message-ID: > > <CAE4qXG8OA5fDZEL4ubc3esRz55TMKvzzBAmx9DsO60T= > > [email protected]> > > Content-Type: text/plain; charset="utf-8" > > > > I believe the answer is yes, this impacts ISC Kea. See this for more > > details: > > > > https://lists.isc.org/pipermail/kea-announce/2025-August/000131.html > > > > --Dan > > > > > > On Wed, Sep 24, 2025 at 11:00?AM Dipesh Kayastha < > > [email protected]> wrote: > > > > > Hello Kea Team, > > > > > > > > > Ubuntu recently published the following security notice: > > > > > > *USN-7759-1: [Title of the notice, e.g., ISC DHCP vulnerabilities]* > > > > > > https://ubuntu.com/security/notices/USN-7759-1 > > > > > > > > > Could you please confirm if this advisory affects *Kea DHCP* in any > way? > > > > > > We want to ensure that our deployments of Kea are not impacted by the > > > vulnerabilities listed. > > > > > > > > > Thank you for your guidance. > > > > > > > > > Best regards, > > > Dipesh > > > -- > > > ISC funds the development of this software with paid support > > > subscriptions. Contact us at https://www.isc.org/contact/ for more > > > information. > > > > > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > > [email protected] > > > < > > https://lists.isc.org/mailman/listinfo/[email protected] > > > > > > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > https://lists.isc.org/pipermail/kea-users/attachments/20250924/fba10d14/attachment-0001.htm > > > > > > > ------------------------------ > > > > Message: 3 > > Date: Wed, 24 Sep 2025 11:08:29 -0500 > > From: Dan Oachs <[email protected]> > > To: "Kea user's list" <[email protected]> > > Subject: Re: [Kea-users] Inquiry regarding impact of USN-7759-1 on Kea > > DHCP > > Message-ID: > > < > > cae4qxg9ydo9nqf77t8mgf0jhhihslpr71lgxrjsdr-16bsm...@mail.gmail.com> > > Content-Type: text/plain; charset="utf-8" > > > > Sorry, I think I got my CVE's mixed up. These two are different. > > > > --Dan > > > > > > On Wed, Sep 24, 2025 at 11:06?AM Dan Oachs <[email protected]> wrote: > > > > > I believe the answer is yes, this impacts ISC Kea. See this for more > > > details: > > > > > > https://lists.isc.org/pipermail/kea-announce/2025-August/000131.html > > > > > > --Dan > > > > > > > > > On Wed, Sep 24, 2025 at 11:00?AM Dipesh Kayastha < > > > [email protected]> wrote: > > > > > >> Hello Kea Team, > > >> > > >> > > >> Ubuntu recently published the following security notice: > > >> > > >> *USN-7759-1: [Title of the notice, e.g., ISC DHCP vulnerabilities]* > > >> > > >> https://ubuntu.com/security/notices/USN-7759-1 > > >> > > >> > > >> Could you please confirm if this advisory affects *Kea DHCP* in any > way? > > >> > > >> We want to ensure that our deployments of Kea are not impacted by the > > >> vulnerabilities listed. > > >> > > >> > > >> Thank you for your guidance. > > >> > > >> > > >> Best regards, > > >> Dipesh > > >> -- > > >> ISC funds the development of this software with paid support > > >> subscriptions. Contact us at https://www.isc.org/contact/ for more > > >> information. > > >> > > >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users > . > > >> [email protected] > > >> < > > https://lists.isc.org/mailman/listinfo/[email protected] > > > > >> > > > > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > https://lists.isc.org/pipermail/kea-users/attachments/20250924/cdd91c4f/attachment.htm > > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > _______________________________________________ > > > > ISC funds the development of this software with paid support > > subscriptions. Contact us at https://www.isc.org/contact/ for more > > information. > > > > Kea-users mailing list > > [email protected] > > https://lists.isc.org/mailman/listinfo/kea-users > > > > > > ------------------------------ > > > > End of Kea-users Digest, Vol 135, Issue 18 > > ****************************************** > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > https://lists.isc.org/pipermail/kea-users/attachments/20250924/2c3a906b/attachment-0001.htm > > > > ------------------------------ > > Message: 2 > Date: Wed, 24 Sep 2025 12:57:36 -0400 > From: Ben Scott <[email protected]> > To: [email protected] > Subject: Re: [Kea-users] Inquiry regarding impact of USN-7759-1 on Kea > DHCP > Message-ID: <[email protected]> > Content-Type: text/plain; charset=UTF-8; format=flowed > > On 9/24/25 12:00, Dipesh Kayastha wrote: > > *USN-7759-1: [Title of the notice, e.g., ISC DHCP vulnerabilities]* > > Could you please confirm if this advisory affects *Kea DHCP* in any way? > > The notice in question appears to reference a CVE from six years ago. > If you are running a six-year-old version of Kea from ISC, then yes, > you would be affected by that CVE. > > If you have questions about what Canonical (Ubuntu) is doing, you > really need to ask Canonical. Those are their notices and their > releases. ISC cannot speak to their practices. > > -- Ben > > -- > Any opinions expressed in this message are those of the author alone. > All information is provided without warranty of any kind. > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > Kea-users mailing list > [email protected] > https://lists.isc.org/mailman/listinfo/kea-users > > > ------------------------------ > > End of Kea-users Digest, Vol 135, Issue 19 > ****************************************** >
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
