Package : pump
Version : 0.8.24-7+deb8u1
Debian Bug : #933674
It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the Ethernet packet length could be forged, allowing an attacker to overwrite up to "ETH_FRAME_LEN - sizeof(*ipHdr) - sizeof(*udpHdr) - sizeof(*bresp)" bytes of stack memory.

Thanks to <[email protected]> for the report and patch.

For Debian 8 "Jessie", this issue has been fixed in pump version 0.8.24-7+deb8u1.

We recommend that you upgrade your pump packages.

Regards,

-- 
Chris Lamb
[email protected] / chris-lamb.co.uk
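The kind of length validation that closes this class of bug, as an added C example that is not pump's code or the actual patch: every sender-controlled length (IPv4 total length, UDP length) is checked against the bytes actually received and against the destination buffer before anything is copied. The header sizes, the 300-byte reply buffer and check_constructed_frame (which builds constructed frames purely for illustration) are assumptions, not values from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_FRAME_LEN 1514  /* same value as <linux/if_ether.h> */
#define ETH_HLEN      14
#define IP_HLEN       20    /* assumption: IPv4 header without options */
#define UDP_HLEN      8
#define BOOTP_FIXED   236   /* BOOTP fields up to the vendor/options area */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); } /* big-endian read */

/* Validate every sender-controlled length before deciding how many reply bytes
 * may be copied into a buffer of out_size bytes. Returns -1 to drop the frame. */
int bootp_payload_len(const uint8_t *frame, size_t received, size_t out_size)
{
    const size_t hdrs = ETH_HLEN + IP_HLEN + UDP_HLEN;
    if (received < hdrs || received > ETH_FRAME_LEN) return -1;
    if ((frame[ETH_HLEN] & 0x0f) != 5) return -1;          /* IP options: reject */
    size_t ip_len = rd16(frame + ETH_HLEN + 2);             /* IPv4 total length */
    if (ip_len < IP_HLEN + UDP_HLEN || ip_len > received - ETH_HLEN) return -1;
    size_t udp_len = rd16(frame + ETH_HLEN + IP_HLEN + 4);  /* UDP length */
    if (udp_len < UDP_HLEN || udp_len > ip_len - IP_HLEN) return -1;
    size_t payload = udp_len - UDP_HLEN;
    /* The clamp that prevents the overflow described above: a peer-supplied length never decides how much is written. */
    if (payload < BOOTP_FIXED || payload > out_size) return -1;
    return (int)payload;
}

int bootp_copy_reply(const uint8_t *frame, size_t received, uint8_t *out, size_t out_size)
{   /* only ever copies what bootp_payload_len approved */
    int n = bootp_payload_len(frame, received, out_size);
    if (n > 0) memcpy(out, frame + ETH_HLEN + IP_HLEN + UDP_HLEN, (size_t)n);
    return n;
}

/* Constructed test frame: really carries payload_bytes of reply, but its IP and
 * UDP length fields claim claim_bytes. Returns what the copy path returns. */
int check_constructed_frame(size_t payload_bytes, size_t claim_bytes)
{
    uint8_t frame[ETH_FRAME_LEN] = {0}, reply[300];        /* 300 = assumed sizeof(*bresp) */
    const size_t hdrs = ETH_HLEN + IP_HLEN + UDP_HLEN;
    if (hdrs + payload_bytes > sizeof frame) return -2;
    frame[ETH_HLEN] = 0x45;                                 /* IPv4, IHL 5 */
    uint16_t ip_len = (uint16_t)(IP_HLEN + UDP_HLEN + claim_bytes);
    uint16_t udp_len = (uint16_t)(UDP_HLEN + claim_bytes);
    frame[ETH_HLEN + 2] = ip_len >> 8;  frame[ETH_HLEN + 3] = ip_len & 0xff;
    frame[ETH_HLEN + IP_HLEN + 4] = udp_len >> 8;  frame[ETH_HLEN + IP_HLEN + 5] = udp_len & 0xff;
    return bootp_copy_reply(frame, hdrs + payload_bytes, reply, sizeof reply);
}
```

A reply whose lengths are internally consistent but larger than the destination struct is rejected just like one whose claimed length exceeds the bytes received; both are the frames the vulnerable copy would have trusted.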
