Package: dhcp3-server
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for dhcp3.
CVE-2009-1892[0]:
| dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and
| hardware ethernet configuration settings are both used, allows remote
| attackers to cause a denial of service (daemon crash) via unspecified
| requests.
The patch that was used for the DSA is attached.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892
http://security-tracker.debian.net/tracker/CVE-2009-1892
-------------- next part --------------
A non-text attachment was scrubbed...
Name: server-clientid-crash.dpatch
Type: text/x-shellscript
Size: 665 bytes
Desc: not available
URL:
<http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090801/0d990b43/attachment.bin>