Hi Jose and LTS team I have prepared a security update of dhcpcd5 to correct the problems described in CVE-2014-7912 and CVE-2014-7913. For more information see here: https://security-tracker.debian.org/tracker/source-package/dhcpcd5
What I did was to manually apply the correction made for android. I have performed regression testing by installing the fixed dhcpcd5 and see that I can get a lease from my dhcpd. It works just fine so I guess I have not broken anything. I have not tested the specific problem. I trust that Android developers have done that. Packages for testing are available here: http://apt.inguza.net/wheezy-security/dhcpcd5 You can find the debdiff here: http://apt.inguza.net/wheezy-security/dhcpcd5/CVE-2014-7912-CVE-2014-7913.debdiff If there are no objections I will upload the corrected package to wheezy-security in four days. That is on monday. Best regards, // Ola -- --------------------- Ola Lundqvist --------------------------- / [email protected] Folkebogatan 26 \ | [email protected] 654 68 KARLSTAD | | http://inguza.com/ +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
