Ubuntu

“dhcpcd” 1:3.2.3-7ubuntu0.11.04.1 source package in The Natty Narwhal

Publishing history

1:3.2.3-7ubuntu0.11.04.1
OBSOLETE: Natty pocket Updates in component universe and section net
  • Removed from disk on 2013-06-04.
  • Removal requested on 2013-06-04.
  • Published on 2012-02-15
  • Copied from ubuntu natty in Private PPA for Ubuntu Security Team
1:3.2.3-7ubuntu0.11.04.1
OBSOLETE: Natty pocket Security in component universe and section net
  • Removed from disk on 2013-06-04.
  • Removal requested on 2013-06-04.
  • Published on 2012-02-15
  • Copied from ubuntu natty in Private PPA for Ubuntu Security Team

Builds

Changelog

dhcpcd (1:3.2.3-7ubuntu0.11.04.1) natty-security; urgency=high

    * SECURITY UPDATE: dhcpcd before 5.2.12 allows remote attackers to
      execute arbitrary commands via shell metacharacters in a hostname
      obtained from a DHCP message. (LP: #931036)
      - https://build.opensuse.org/package/view_file?file=dhcpcd-3.2.3-option-checks.diff&package=dhcpcd&project=network%3Adhcp&rev=52442e5c1d803d7c1818a920a0bae7f1
      - above linked patch(without the additional support for NETBIOS type
        messages) has been added.
      - CVE-2011-0996
 -- Zubin Mithra <email address hidden>   Mon, 13 Feb 2012 14:27:54 +0530