I've prepared an NMU to fix this issue. Attached is the debdiff. Note
that I also had to fix the FTBFS, bug #602312.
I'm going to look for a sponsor to upload this, but if you want to
take care of it yourselff, that won't be necessary:
http://mentors.debian.net/debian/pool/main/i/isc-dhcp
Note
Package: isc-dhcp-client
Version: 4.1.1-P1-16
Severity: critical
Tags: security
Justification: root security hole
Hi.
CVE-2011-0997 has been found
(http://www.isc.org/software/dhcp/advisories/cve-2011-0997),
which allows a DHCP server to execute shell commands on the clients.
Cheers,
Chris.
2 matches
Mail list logo