dhcpcd (1:3.2.3-7ubuntu0.11.04.1) natty-security; urgency=high
* SECURITY UPDATE: dhcpcd before 5.2.12 allows remote attackers to
execute arbitrary commands via shell metacharacters in a hostname
obtained from a DHCP message. (LP: #931036)
- above linked patch(without the additional support for NETBIOS type
messages) has been added.
-- Zubin Mithra <email address hidden> Mon, 13 Feb 2012 14:27:54 +0530