Your message dated Tue, 25 Nov 2014 21:47:07 +0000 with message-id <e1xtnwx-0008qz...@franck.debian.org> and subject line Bug#770043: fixed in dhcpcd5 5.5.6-1+deb7u1 has caused the Debian Bug report #770043, regarding dhcpcd5: CVE-2014-6060: Denial of Service to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 770043: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770043 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: dhcpcd5 Severity: important Tags: security patch dhcpd5 is vulnerable to the CVE-2014-6060 which can cause a denial of service: https://security-tracker.debian.org/tracker/CVE-2014-6060 Please find attached the debdiff & dsc for NMU upload which fixes the vulnerability in unstable. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)Format: 3.0 (quilt) Source: dhcpcd5 Binary: dhcpcd5 Architecture: any Version: 6.0.5-1.2 Maintainer: Roy Marples <r...@marples.name> Homepage: http://roy.marples.name/projects/dhcpcd Standards-Version: 3.9.4.0 Build-Depends: debhelper (>= 9) Package-List: dhcpcd5 deb net optional arch=any Checksums-Sha1: 433555ac11669333344d7ec80120f3ccdd0fcae5 110259 dhcpcd5_6.0.5.orig.tar.bz2 6b0e6b6f52ac26421fc13651e362add431b93b30 3884 dhcpcd5_6.0.5-1.2.debian.tar.xz Checksums-Sha256: 191d0bfd7fdfa05a580a4671c0489cd782828251b5ea0b41b6d17f026a36493c 110259 dhcpcd5_6.0.5.orig.tar.bz2 aeb0154d40edfba10a3c6f8420526995fefcf8749a71f0a203454446dbc2176a 3884 dhcpcd5_6.0.5-1.2.debian.tar.xz Files: a65ed99460a61f42c05f652c2eaafe7c 110259 dhcpcd5_6.0.5.orig.tar.bz2 4cd653acc4baebfbea4eca217688a433 3884 dhcpcd5_6.0.5-1.2.debian.tar.xzdhcpcd5_CVE-2014-6060.diff.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---Source: dhcpcd5 Source-Version: 5.5.6-1+deb7u1 We believe that the bug you reported is fixed in the latest version of dhcpcd5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 770...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated dhcpcd5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 20 Nov 2014 13:29:49 +0100 Source: dhcpcd5 Binary: dhcpcd5 Architecture: source amd64 Version: 5.5.6-1+deb7u1 Distribution: stable Urgency: medium Maintainer: Roy Marples <r...@marples.name> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: dhcpcd5 - RFC2131 compliant DHCP client with IPv4LL support Closes: 770043 Changes: dhcpcd5 (5.5.6-1+deb7u1) stable; urgency=medium . * Non-maintainer upload by the Security Team. * Fix denial of service (CVE-2014-6060) in dhcpcd5: - backport fix from debian unstable dhcpcd5/6.0.5-2 (Closes: #770043) Checksums-Sha1: a530a0055923afc383f139df355b018ebc63a57e 1730 dhcpcd5_5.5.6-1+deb7u1.dsc 7cdd668d27b64509d078204f2a5e94e8914d5a13 3763 dhcpcd5_5.5.6-1+deb7u1.debian.tar.gz fb77bceafc8d7250591ebdb1c75a2783494fbf33 75402 dhcpcd5_5.5.6-1+deb7u1_amd64.deb Checksums-Sha256: bd07adf030233129ab34412b09823a7a1068dbb050e976104de82847e2316fd0 1730 dhcpcd5_5.5.6-1+deb7u1.dsc a82658bd3275b78481037360f46121612bcaa64c00aff1f0e196e3b5f9644579 3763 dhcpcd5_5.5.6-1+deb7u1.debian.tar.gz b0104a5a0f127fa383e6f26ae1f224a01dd1f4ccf84aeacedb65b1d584d3ae0a 75402 dhcpcd5_5.5.6-1+deb7u1_amd64.deb Files: 0d2c93468aad4c39e5cc9825ae9b7cdd 1730 net optional dhcpcd5_5.5.6-1+deb7u1.dsc c0b966395f45a1b65087cfce1153cb8a 3763 net optional dhcpcd5_5.5.6-1+deb7u1.debian.tar.gz 48670d00c201710ee4e76241e47161fb 75402 net optional dhcpcd5_5.5.6-1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJUbz09AAoJEAVMuPMTQ89EI0UP/3voIFD08I/yBDVEp9OM08H+ ewUbYtDrl4tD4unqOnKuDbHYAAiNcOHhAfVw77WjdiAgPUi29OhjiPd78TLN55rW J+ugrIG6/rq0k3J8iLvi84FTUFH2qdyK8ED5BIk44UOPpVeh6wYDSphF6yb2Mcke JxIq+Q0d5vaSRhrfrmMBxBh4LwYclBw8pHf7aXzNI9d378H/gkVrLac+lPyNpisV 3X+Inb1PcsIfMlCjs327lIC8h+acVZ7cZcc0psn1JxPV9CFmLopR/lhlSYymVLGQ cYlZ967FRQFpNPyb2ZQpyPLCG4X7UVZ/y/8Q9do+LbVV6OaTxj+zbs4jcTp0Oz6t qeB2CVuL+cEXp6xJ02UUc80QS64XGpAOACsiS7H1D9lJZHFTs5ZKNVtTjKTMRPGJ Mvm09F3x1zCZbXOwGGx8velwrsy+/pI42q5hPRPMNtrMzuQHiwqgB7PL9P2Q5UgV F1G9J1vCeBiiCx5T6uw7K3QArVy/vljfmfFV86YI0Or/eW0TG1fWwY3INXi3oSpQ ltbbfa6K7+hefv5hWrLMpXOzQmmpwjns3i1t7+eg9zUwDkuYkhucwb4ZRzVeOzxs 36w0LLeRwRJVtSRdiQD9+oj5j+td+GNwy3UwkpNmic6gCvKUJP8BQbuIt+NQJjeS zlD15m0ImhDG2f/Rxa/w =Ge/g -----END PGP SIGNATURE-----
--- End Message ---