Bug#891786: marked as done (isc-dhcp: CVE-2018-5732: A specially constructed response from a malicious server can cause a buffer overflow in dhclient)

2018-03-10 Thread Debian Bug Tracking System
Your message dated Sat, 10 Mar 2018 23:18:09 +
with message-id 
and subject line Bug#891786: fixed in isc-dhcp 4.3.1-6+deb8u3
has caused the Debian Bug report #891786,
regarding isc-dhcp: CVE-2018-5732: A specially constructed response from a 
malicious server can cause a buffer overflow in dhclient
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
891786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891786
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: isc-dhcp
Version: 4.3.1-6
Severity: important
Tags: security upstream

Hi,

the following vulnerability was published for isc-dhcp.

CVE-2018-5732[0]:
|A specially constructed response from a malicious server can cause a
|buffer overflow in dhclient

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-5732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732
[1] https://kb.isc.org/article/AA-01565/75/CVE-2018-5732

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: isc-dhcp
Source-Version: 4.3.1-6+deb8u3

We believe that the bug you reported is fixed in the latest version of
isc-dhcp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 891...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated isc-dhcp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 04 Mar 2018 11:20:38 +0100
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-dbg isc-dhcp-dbg isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-dbg isc-dhcp-client-udeb isc-dhcp-relay isc-dhcp-relay-dbg
Architecture: source
Version: 4.3.1-6+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Debian ISC DHCP maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 887413 891785 891786
Description: 
 isc-dhcp-client - DHCP client for automatically obtaining an IP address
 isc-dhcp-client-dbg - ISC DHCP server for automatic IP address assignment (client debug
 isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
 isc-dhcp-common - common files used by all of the isc-dhcp packages
 isc-dhcp-dbg - ISC DHCP server for automatic IP address assignment (debuging sym
 isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
 isc-dhcp-relay - ISC DHCP relay daemon
 isc-dhcp-relay-dbg - ISC DHCP server for automatic IP address assignment (relay debug)
 isc-dhcp-server - ISC DHCP server for automatic IP address assignment
 isc-dhcp-server-dbg - ISC DHCP server for automatic IP address assignment (server debug
 isc-dhcp-server-ldap - DHCP server that uses LDAP as its backend
Changes:
 isc-dhcp (4.3.1-6+deb8u3) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Plugs a socket descriptor leak in OMAPI (CVE-2017-3144) (Closes: #887413)
   * Corrected refcnt loss in option parsing (CVE-2018-5733) (Closes: #891785)
   * Correct buffer overrun in pretty_print_option (CVE-2018-5732) (Closes: #891786)

Bug#891786: marked as done (isc-dhcp: CVE-2018-5732: A specially constructed response from a malicious server can cause a buffer overflow in dhclient)

2018-03-10 Thread Debian Bug Tracking System
Your message dated Sat, 10 Mar 2018 23:17:09 +
with message-id 
and subject line Bug#891786: fixed in isc-dhcp 4.3.5-3+deb9u1
has caused the Debian Bug report #891786,
regarding isc-dhcp: CVE-2018-5732: A specially constructed response from a 
malicious server can cause a buffer overflow in dhclient
to be marked as done.

--- Begin Message ---
Source: isc-dhcp
Source-Version: 4.3.5-3+deb9u1



-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 03 Mar 2018 17:27:05 +0100
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-ddns isc-dhcp-client-udeb isc-dhcp-relay
Architecture: source
Version: 4.3.5-3+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian ISC DHCP maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 887413 891785 891786
Description: 
 isc-dhcp-client - DHCP client for automatically obtaining an IP address
 isc-dhcp-client-ddns - Dynamic DNS (DDNS) enabled DHCP client
 isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
 isc-dhcp-common - common manpages relevant to all of the isc-dhcp packages
 isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
 isc-dhcp-relay - ISC DHCP relay daemon
 isc-dhcp-server - ISC DHCP server for automatic IP address assignment
 isc-dhcp-server-ldap - DHCP server that uses LDAP as its backend
Changes:
 isc-dhcp (4.3.5-3+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Plugs a socket descriptor leak in OMAPI (CVE-2017-3144) (Closes: #887413)
   * Corrected refcnt loss in option parsing (CVE-2018-5733) (Closes: #891785)
   * Correct buffer overrun in pretty_print_option (CVE-2018-5732) (Closes: #891786)

Bug#891786: marked as done (isc-dhcp: CVE-2018-5732: A specially constructed response from a malicious server can cause a buffer overflow in dhclient)

2018-03-04 Thread Debian Bug Tracking System
Your message dated Mon, 05 Mar 2018 05:52:39 +
with message-id 
and subject line Bug#891786: fixed in isc-dhcp 4.3.5-3.1
has caused the Debian Bug report #891786,
regarding isc-dhcp: CVE-2018-5732: A specially constructed response from a 
malicious server can cause a buffer overflow in dhclient
to be marked as done.

--- Begin Message ---
Source: isc-dhcp
Source-Version: 4.3.5-3.1



-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 04 Mar 2018 21:35:31 +0100
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-ddns isc-dhcp-client-udeb isc-dhcp-relay
Architecture: source
Version: 4.3.5-3.1
Distribution: unstable
Urgency: medium
Maintainer: Debian ISC DHCP maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 887413 891785 891786
Description: 
 isc-dhcp-client - DHCP client for automatically obtaining an IP address
 isc-dhcp-client-ddns - Dynamic DNS (DDNS) enabled DHCP client
 isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
 isc-dhcp-common - common manpages relevant to all of the isc-dhcp packages
 isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
 isc-dhcp-relay - ISC DHCP relay daemon
 isc-dhcp-server - ISC DHCP server for automatic IP address assignment
 isc-dhcp-server-ldap - DHCP server that uses LDAP as its backend
Changes:
 isc-dhcp (4.3.5-3.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Plugs a socket descriptor leak in OMAPI (CVE-2017-3144) (Closes: #887413)
   * Corrected refcnt loss in option parsing (CVE-2018-5733) (Closes: #891785)
   * Correct buffer overrun in pretty_print_option (CVE-2018-5732) (Closes: #891786)