Bug#683372: CVE-2012-3411
On Thu, Sep 06, 2012 at 09:51:04AM +0100, Simon Kelley wrote: On 05/09/12 16:57, Moritz Muehlenhoff wrote: On Wed, Aug 01, 2012 at 05:30:47PM +0100, Simon Kelley wrote: On 31/07/12 09:35, Moritz Muehlenhoff wrote: Package: dnsmasq Severity: important Tags: security Hi, I know you're aware of this bug since you commented it already, but I'm filing a Debian bug to keep track of this for Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411 Cheers, Moritz OK. I think what's needed to fix this is 1) dnsmasq 2.63 release and into Wheezy. 2) Alter libvirt to pass the new --bind-dynamic flag instead of --bind-interfaces This bug can be closed with 2.63-1? Or is there anything missing? Cheers, Moritz We're up to 2.63-3 now, due to various irritating packaging regressions. That needs to be forced into wheezy, and then the torch needs to be passed to libvirt. It looks like you still need to file an unblock request, though. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683372: CVE-2012-3411
On 05/09/12 16:57, Moritz Muehlenhoff wrote: On Wed, Aug 01, 2012 at 05:30:47PM +0100, Simon Kelley wrote: On 31/07/12 09:35, Moritz Muehlenhoff wrote: Package: dnsmasq Severity: important Tags: security Hi, I know you're aware of this bug since you commented it already, but I'm filing a Debian bug to keep track of this for Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411 Cheers, Moritz OK. I think what's needed to fix this is 1) dnsmasq 2.63 release and into Wheezy. 2) Alter libvirt to pass the new --bind-dynamic flag instead of --bind-interfaces This bug can be closed with 2.63-1? Or is there anything missing? Cheers, Moritz We're up to 2.63-3 now, due to various irritating packaging regressions. That needs to be forced into wheezy, and then the torch needs to be passed to libvirt. Simon. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683372: CVE-2012-3411
On Wed, Aug 01, 2012 at 05:30:47PM +0100, Simon Kelley wrote: On 31/07/12 09:35, Moritz Muehlenhoff wrote: Package: dnsmasq Severity: important Tags: security Hi, I know you're aware of this bug since you commented it already, but I'm filing a Debian bug to keep track of this for Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411 Cheers, Moritz OK. I think what's needed to fix this is 1) dnsmasq 2.63 release and into Wheezy. 2) Alter libvirt to pass the new --bind-dynamic flag instead of --bind-interfaces This bug can be closed with 2.63-1? Or is there anything missing? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683372: CVE-2012-3411
On 31/07/12 09:35, Moritz Muehlenhoff wrote: Package: dnsmasq Severity: important Tags: security Hi, I know you're aware of this bug since you commented it already, but I'm filing a Debian bug to keep track of this for Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411 Cheers, Moritz OK. I think what's needed to fix this is 1) dnsmasq 2.63 release and into Wheezy. 2) Alter libvirt to pass the new --bind-dynamic flag instead of --bind-interfaces Cheers, Simon. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#683372: CVE-2012-3411
Package: dnsmasq Severity: important Tags: security Hi, I know you're aware of this bug since you commented it already, but I'm filing a Debian bug to keep track of this for Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org