Your message dated Tue, 18 Sep 2012 10:41:36 +0000
with message-id <[email protected]>
and subject line Bug#686174: fixed in isc-dhcp 4.2.2.dfsg.1-5+deb70u1
has caused the Debian Bug report #686174,
regarding isc-dhcp: CVE-2012-3570 CVE-2012-3571 CVE-2012-3954
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
686174: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: isc-dhcp
Severity: grave
Tags: security
Justification: user security hole
The following security issues are still open in Wheezy and sid:
CVE-2012-3954: https://kb.isc.org/article/AA-00737
CVE-2012-3571: https://kb.isc.org/article/AA-00712
CVE-2012-3570: https://kb.isc.org/article/AA-00714
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: isc-dhcp
Source-Version: 4.2.2.dfsg.1-5+deb70u1
We believe that the bug you reported is fixed in the latest version of
isc-dhcp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert <[email protected]> (supplier of updated isc-dhcp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 14 Sep 2012 00:26:44 -0400
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-dbg isc-dhcp-server-ldap
isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-dbg
isc-dhcp-client-udeb isc-dhcp-relay isc-dhcp-relay-dbg
Architecture: source amd64
Version: 4.2.2.dfsg.1-5+deb70u1
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Debian ISC DHCP maintainers <[email protected]>
Changed-By: Michael Gilbert <[email protected]>
Description:
isc-dhcp-client - ISC DHCP client
isc-dhcp-client-dbg - ISC DHCP client (debugging symbols)
isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
isc-dhcp-common - common files used by all the isc-dhcp* packages
isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
isc-dhcp-relay - ISC DHCP relay daemon
isc-dhcp-relay-dbg - DHCP relay daemon (debugging symbols)
isc-dhcp-server - ISC DHCP server for automatic IP address assignment
isc-dhcp-server-dbg - ISC DHCP server for automatic IP address assignment
(debug)
isc-dhcp-server-ldap - DHCP server able to use LDAP as backend
Closes: 686174
Changes:
isc-dhcp (4.2.2.dfsg.1-5+deb70u1) testing-proposed-updates; urgency=high
.
* Correct multiple security issues (closes: #686174)
- cve-2012-3570: buffer overflow via large hardware address lengths.
- cve-2012-3571: denial-of-service via zero-length packets.
- cve-2012-3954: two potential memory leaks.
- cve-2012-3955: server abort due to certain lease time changes.
Checksums-Sha1:
35c07b2156496ef69b059ce8d563c3b4789a176e 3322
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.dsc
19287571ebb08d3567be005537f1a6870fdce10d 7347700
isc-dhcp_4.2.2.dfsg.1.orig.tar.gz
cbcea14110a75c4a29325824da6c409a523bdc08 95575
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.debian.tar.gz
49669c068b1fb45b260dbf7c51ec864d17f93c28 928422
isc-dhcp-server_4.2.2.dfsg.1-5+deb70u1_amd64.deb
2f17cd4d4c107c86cdda96c7bac81759a6d3d177 2566424
isc-dhcp-server-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
2dd23c3eb3a42866bb233ee95139eaa851de3054 884038
isc-dhcp-server-ldap_4.2.2.dfsg.1-5+deb70u1_amd64.deb
e73fa35e693c20ee0c15d7fb42cedb66b1163571 847874
isc-dhcp-common_4.2.2.dfsg.1-5+deb70u1_amd64.deb
4d1e65aceb13d5300c9a814822a5152b04b99e66 773250
isc-dhcp-dev_4.2.2.dfsg.1-5+deb70u1_amd64.deb
2446ce3074bd9d8dc33fcaec67694cf64c2eebc0 788750
isc-dhcp-client_4.2.2.dfsg.1-5+deb70u1_amd64.deb
676e98ef69230382cdaee495177c7fa680948554 2238482
isc-dhcp-client-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
d2a1a053461bafd6f7e55c2f2208db3df919b5f6 596450
isc-dhcp-client-udeb_4.2.2.dfsg.1-5+deb70u1_amd64.udeb
f0f8ecbcbbe5294349096c83ab463ed126626b19 729102
isc-dhcp-relay_4.2.2.dfsg.1-5+deb70u1_amd64.deb
e289282a6e62d99a196951232c01b0ce1679d2cf 2141234
isc-dhcp-relay-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
Checksums-Sha256:
a2208eab2760e22e0c784ea5c16d97eefb9e395ce02b8197160da64a5f2e5782 3322
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.dsc
23b2e175c59f2b59c55f1998c8f9eb6bd05c4da7295f926653f6f2f769f53f06 7347700
isc-dhcp_4.2.2.dfsg.1.orig.tar.gz
3043cc99070aa8ac5f35f09aaac892c9574e2c6a7f666dbec273e56440438aa0 95575
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.debian.tar.gz
acf850075adf5af4898b12ddbf297be12ce46ea7bcb2bfe678e76bddd9b5bfd4 928422
isc-dhcp-server_4.2.2.dfsg.1-5+deb70u1_amd64.deb
808dced8e69d7cea97eaafc0c52283cca97638988bef7f5c55e4313a4d9acc3a 2566424
isc-dhcp-server-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
2eff95528f9edd3f77f5cba44f99002889530dabd297fd513ab4e289c07b6830 884038
isc-dhcp-server-ldap_4.2.2.dfsg.1-5+deb70u1_amd64.deb
79a5cbacfaeeb881e54fea23b3a548eaed9021b954f6365120d080f49299b29b 847874
isc-dhcp-common_4.2.2.dfsg.1-5+deb70u1_amd64.deb
85e5a549dd2c4ba03bb8adfbd47164b1a96862bbfa894aeed439700d5d7fd806 773250
isc-dhcp-dev_4.2.2.dfsg.1-5+deb70u1_amd64.deb
ef60d2c47e0ea32fdb012afb5240d8c7aece6f4826be1f7cf005a39cc116b7b4 788750
isc-dhcp-client_4.2.2.dfsg.1-5+deb70u1_amd64.deb
a7be3008fef28c6ffc775d07ea3b37904bb82c9923fc200db3223263f81ebbb7 2238482
isc-dhcp-client-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
c8ae3ef94da7f37cf3ec506791b3a613ca7292c3637c409cb03d2793208e0884 596450
isc-dhcp-client-udeb_4.2.2.dfsg.1-5+deb70u1_amd64.udeb
4893fbe6151c14a6756f82d00917c935c766f531635926651c867df9ed8541fd 729102
isc-dhcp-relay_4.2.2.dfsg.1-5+deb70u1_amd64.deb
572e1d146e9963447d9a9d1b14fdc07261c4b47984322907b3324aa64a202511 2141234
isc-dhcp-relay-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
Files:
8abdc401651046ea85d619e4d74948ad 3322 net important
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.dsc
a0373968ccf5f974dcc0727e4110dbc3 7347700 net important
isc-dhcp_4.2.2.dfsg.1.orig.tar.gz
f593cc202483d78d0a27366dd4a6cb2c 95575 net important
isc-dhcp_4.2.2.dfsg.1-5+deb70u1.debian.tar.gz
980b0edd8c5cc68995a179d92f2d0abc 928422 net optional
isc-dhcp-server_4.2.2.dfsg.1-5+deb70u1_amd64.deb
5bb881781f01f0ee5cd15f3121c05158 2566424 debug extra
isc-dhcp-server-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
4029a984629f30a872e771a0822d1c8f 884038 net optional
isc-dhcp-server-ldap_4.2.2.dfsg.1-5+deb70u1_amd64.deb
5692ec472a15466001e0bd9e013f62c4 847874 net important
isc-dhcp-common_4.2.2.dfsg.1-5+deb70u1_amd64.deb
e45cee8d0034feb301684a754e2815a1 773250 devel optional
isc-dhcp-dev_4.2.2.dfsg.1-5+deb70u1_amd64.deb
c3818118967582a91c6e762e7984696c 788750 net important
isc-dhcp-client_4.2.2.dfsg.1-5+deb70u1_amd64.deb
088c50feb7d64ae62bcea82e3fab6118 2238482 debug extra
isc-dhcp-client-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
74828a6da6b819e2374aacd7c18e007e 596450 debian-installer extra
isc-dhcp-client-udeb_4.2.2.dfsg.1-5+deb70u1_amd64.udeb
b017d707e9bd20434a15e033ed2741ee 729102 net optional
isc-dhcp-relay_4.2.2.dfsg.1-5+deb70u1_amd64.deb
2763515d7e2899350a7a32ac15253768 2141234 debug extra
isc-dhcp-relay-dbg_4.2.2.dfsg.1-5+deb70u1_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQQcBAEBCAAGBQJQV5zSAAoJELjWss0C1vRzCaQf/0bCBt/W+AscEbfz9CRzS7Vt
9Vc3MsHVqoC4kmfJx5kn/UbUHoYvEqcb+TFeu00TjNj0bM9inR1Lhm2xJZIHYu08
E4LOA7y8a4+DuF6TQbcOICJ5/mOfGnqCZoGtgjEPnTO5YyNp2baOSZLGZJMtyQxZ
uMB8XPRTOrElPFymd/68aYeGZydbpVqE+jbV33JdZxM4dF+X5X2b12VDjUyQkzvh
X+pgDcOe9SINqj82eadGr6X1qnj8V3adGPiIXAwdhgmpY97GMWMT7c+f57Wgpeqj
32LxvJtpNvyF3Xm6g6nVTfG2fwJr8InevLiPOvYNsrDtV39sorwgUEVg1v1s116m
llkXlOzsGrzqE0qiBz8vZn2G3JW4rYzewtClthg/n6vJjElWL65Yctoe0VXJkwrt
8I0eVgdtGoGdHEcu3BcqBi2XXndePe1IdmiV1JTlKel7EKkt3pEP5EiNYSF1PYG/
UrpET0KrC+oGw90vVQ+TDKwtwDuSUf6gwA2w1q9ol1dM2q867WePUmNCW2+Zfe/O
wocngef+0zzU08VfkZcLezqfXvxDDHl4Za5+RoIzhHzYYAh8cpi2KqtD4vupoSpN
1z6Vbq4KrrM6iPsiCGlU/qQ804JuE2wWhQWO+TmRXwSdsh6PS2ZGu+oh9wTJ/mkO
fvZwr/8vSCs8SOYFpvqZAD1BcEOCMs8z0EtUXxd5HgA2KoLmlle4R4vKb1/N1iCp
nq/Gx4c3Ufuesm5uPbiAaEh8WRGtTQGLDp/h0G4oFufoGys5aXrLvBv+BFx90P3J
zn59Il4G/SdMyK+HLXz7dtCGieGw145CA3IFbdlNr8yP8oysYj9arfb1PpAIZKaO
/EOzZlBopJQYodCG48rSDc5wox9/xxcuS5GX6WeGfplS+D0mHSqJzfOPD5fGC5kZ
1ObyGa8C1uZ99AOL+5jarGgtEq2EKb4GlYoinHiGrAkOicCHfuUzkfBUV+UBMuSu
haqG0fSil7XyOBqTUdQ7hZLCYGSCfmNdAHXnyfFfn/D81nFh5ri2rgqdrWkn7IWz
oLOLj8R42QnLIMoKQqflJVXsCcn3jHE899XRTTWmd/CU8hfu6TI8Jr8EwbaQO1T6
wuppVIuSZiqUEzTX+Bkwfv2LNy6RPi4dEQH4Fbfh0wQSWzfMSm9XIMfnXo2RqldV
gblIZEXLTuOrr6G90GM/lRN3XQJZMQ3qs4sN2GM/vLMDrrNcoCpc5W5p8uD6SjhU
jccvUss+3BX9CUCQw0qSe9lHq3ZgT3PHf83NQ4n0vs1BnQM4rYvURwjfpEngWzyf
khL/SBzN+r7jPrpOkZa0oIRSlthvkE4M36+9IQmVNu3J+A6CwyxPpR5V0dT7sRM=
=jkJ4
-----END PGP SIGNATURE-----
--- End Message ---
