Your message dated Wed, 19 Nov 2014 19:03:58 +0000
with message-id <[email protected]>
and subject line Bug#770043: fixed in dhcpcd5 6.0.5-2
has caused the Debian Bug report #770043,
regarding dhcpcd5: CVE-2014-6060: Denial of Service
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
770043: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770043
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dhcpcd5
Severity: important
Tags: security patch
dhcpd5 is vulnerable to the CVE-2014-6060 which can cause a denial of service:
https://security-tracker.debian.org/tracker/CVE-2014-6060
Please find attached the debdiff & dsc for NMU upload which fixes the
vulnerability in unstable.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Format: 3.0 (quilt)
Source: dhcpcd5
Binary: dhcpcd5
Architecture: any
Version: 6.0.5-1.2
Maintainer: Roy Marples <[email protected]>
Homepage: http://roy.marples.name/projects/dhcpcd
Standards-Version: 3.9.4.0
Build-Depends: debhelper (>= 9)
Package-List:
dhcpcd5 deb net optional arch=any
Checksums-Sha1:
433555ac11669333344d7ec80120f3ccdd0fcae5 110259 dhcpcd5_6.0.5.orig.tar.bz2
6b0e6b6f52ac26421fc13651e362add431b93b30 3884 dhcpcd5_6.0.5-1.2.debian.tar.xz
Checksums-Sha256:
191d0bfd7fdfa05a580a4671c0489cd782828251b5ea0b41b6d17f026a36493c 110259
dhcpcd5_6.0.5.orig.tar.bz2
aeb0154d40edfba10a3c6f8420526995fefcf8749a71f0a203454446dbc2176a 3884
dhcpcd5_6.0.5-1.2.debian.tar.xz
Files:
a65ed99460a61f42c05f652c2eaafe7c 110259 dhcpcd5_6.0.5.orig.tar.bz2
4cd653acc4baebfbea4eca217688a433 3884 dhcpcd5_6.0.5-1.2.debian.tar.xz
dhcpcd5_CVE-2014-6060.diff.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: dhcpcd5
Source-Version: 6.0.5-2
We believe that the bug you reported is fixed in the latest version of
dhcpcd5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated dhcpcd5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 19 Nov 2014 17:08:30 +0100
Source: dhcpcd5
Binary: dhcpcd5
Architecture: source amd64
Version: 6.0.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
dhcpcd5 - DHCPv4, IPv6RA and DHCPv6 client with IPv4LL support
Closes: 770043
Changes:
dhcpcd5 (6.0.5-2) unstable; urgency=medium
.
* QA upload.
.
[ Pierre Schweitzer ]
* Fix denial of service (CVE-2014-6060) in dhcpcd5. (Closes: #770043).
.
[ Salvatore Bonaccorso ]
* Refresh CVE-2014-6060.patch (offset)
* Update patch headers for CVE-2014-6060.patch.
Wrap long lines in fields and use Description field.
Add Applied-Upstream value.
* Set Maintainer to Debian QA Group (cf. #770082)
Checksums-Sha1:
9cb9500ffe349e2ad66f9bb97456a97daade0fea 1699 dhcpcd5_6.0.5-2.dsc
7dd89b13f283a3c8be076c9c9d7a725928247b05 4156 dhcpcd5_6.0.5-2.debian.tar.xz
Checksums-Sha256:
ef6e7f33f8ffe81e81f7c313dc7e2c716fcffce43d5c67cc5294b694068ec473 1699
dhcpcd5_6.0.5-2.dsc
1f8a41b0176f06bb26cfe0428937a1df5d19a2af547847cade0d672cdbd67c72 4156
dhcpcd5_6.0.5-2.debian.tar.xz
Files:
08ffeab2fe4b6591ca43e0b1fb08ff7c 1699 net optional dhcpcd5_6.0.5-2.dsc
d5be97808852e490ddb0b3abb9abbd38 4156 net optional
dhcpcd5_6.0.5-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUbObjAAoJEAVMuPMTQ89E6PIP/j2w5XgyI4/x8Pp78vnIC1yY
TWlkeL0nxpW6t6yY4cWFrT56GJonZFyCw5nCTOOt1rU6787A2koJcRb3ij/LytKg
2L3cIo248vcEgAEENPAE4qnPmZ6/Sk9Tqlo+HdomGun+MzZno2Tru9zox4ZckPwE
s+y6trIPJUGdmRp0c/k59lk/xr59kiQ1TO2IbRFOOHKywvuC/DyvLWsOUmjg6Suz
XhwNgZX6hhu8pu3b2C3/edu70qkTq96NtDQNjvVq+2WuLwMUKnDSWxlsbqs8EOvj
IgkXYJud8yY510XfM3z3A6qCS1jYnloCdG0hdT3jS4knDUIsJclwHrebNOYjscsJ
YIufnn2zuEX+gGqAhX8S6VQqTmaqVfq7lxhdzBbLV2eTTItUHoQ0cXeBGn15enOv
crASttBB/VXvA+jozNhrn8mBJlatod0LuvNeMt16TBinW3L2TjPmSDVJMbftOG3G
bAJIh6VnvuOECKN9nwjCOpSwhFmEabwubXKNPdX0sEjza9QeNZyC0aXRQQwH6n3Y
lLjflJoCSn9x6VR/141jJdvv4dbr4ZQi4e/4d4rY1qW0zteSpE/B2UAZ9vuvEw5m
xUDXInvM1ykq1lMOaDEA9b+4Xx69OQNa1pj7usxMwJn36GsDhjICplUnkgfuEb4M
qH1FW78pBQ4SchEu3pdz
=GmE9
-----END PGP SIGNATURE-----
--- End Message ---
