I've also sent your debdiff to Debian. ** Bug watch added: Debian Bug tracker #659983 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659983
** Also affects: dhcpcd (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659983 Importance: Unknown Status: Unknown ** Changed in: dhcpcd (Ubuntu Lucid) Status: Confirmed => Fix Committed ** Changed in: dhcpcd (Ubuntu Maverick) Status: Incomplete => Fix Committed ** Changed in: dhcpcd (Ubuntu Maverick) Assignee: Zubin Mithra (zubin-mithra) => (unassigned) ** Changed in: dhcpcd (Ubuntu Natty) Status: Confirmed => Fix Committed ** Changed in: dhcpcd (Ubuntu Oneiric) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/931036 Title: dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/931036/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs