Publishing details

Removed from disk on 2016-11-01.
Removal requested on 2016-10-26.
Published on 2012-02-15
Copied from ubuntu lucid in Private PPA for Ubuntu Security Team

Changelog

dhcpcd (1:3.2.3-5ubuntu0.1) lucid-security; urgency=high

    * SECURITY UPDATE: dhcpcd before 5.2.12 allows remote attackers to
      execute arbitrary commands via shell metacharacters in a hostname
      obtained from a DHCP message. (LP: #931036)
      - https://build.opensuse.org/package/view_file?file=dhcpcd-3.2.3-option-checks.diff&package=dhcpcd&project=network%3Adhcp&rev=52442e5c1d803d7c1818a920a0bae7f1
      - above linked patch(without the additional support for NETBIOS type
        messages) has been added.
      - CVE-2011-0996
 -- Zubin Mithra <email address hidden>   Mon, 13 Feb 2012 14:27:54 +0530

Available diffs

diff from 1:3.2.3-5 (in Ubuntu) to 1:3.2.3-5ubuntu0.1 (3.3 KiB)

Builds

Package files

dhcpcd_3.2.3-5ubuntu0.1.diff.gz (18.0 KiB)
dhcpcd_3.2.3-5ubuntu0.1.dsc (1.7 KiB)
dhcpcd_3.2.3-5ubuntu0.1_amd64.deb (52.2 KiB)
dhcpcd_3.2.3-5ubuntu0.1_armel.deb (46.7 KiB)
dhcpcd_3.2.3-5ubuntu0.1_i386.deb (48.8 KiB)
dhcpcd_3.2.3-5ubuntu0.1_ia64.deb (68.0 KiB)
dhcpcd_3.2.3-5ubuntu0.1_powerpc.deb (51.3 KiB)
dhcpcd_3.2.3-5ubuntu0.1_sparc.deb (49.9 KiB)
dhcpcd_3.2.3.orig.tar.gz (52.3 KiB)