Source: isc-kea Version: 1.5.0-2 Severity: grave Tags: security upstream Hi,
The following vulnerabilities were published for isc-kea. CVE-2019-6472[0]: |A packet containing a malformed DUID can cause the kea-dhcp6 server to |terminate CVE-2019-6473[1]: |An invalid hostname option can cause the kea-dhcp4 server to terminate CVE-2019-6474[2]: |An oversight when validating incoming client requests can lead to a |situation where the Kea server will exit when trying to restart If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-6472 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6472 [1] https://security-tracker.debian.org/tracker/CVE-2019-6473 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6473 [2] https://security-tracker.debian.org/tracker/CVE-2019-6474 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6474 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
