About the security issues affecting dhcpcd5 in Wheezy

To: dhcpcd5@packages.debian.org
Cc: debian-lts@lists.debian.org, ola@inguza.com
Subject: About the security issues affecting dhcpcd5 in Wheezy
From: Ola Lundqvist <opal@debian.org>
Date: Thu, 26 May 2016 23:40:05 +0200
Message-id: <[🔎] 20160526214005.GA19701@inguza.net>
Reply-to: opal@debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello dear maintainer(s),

the Debian LTS team recently reviewed the security issue(s) affecting your
package in Wheezy:
https://security-tracker.debian.org/tracker/CVE-2016-1504
https://security-tracker.debian.org/tracker/CVE-2016-1503

We decided that we would not prepare a wheezy security update. 
I have reviewed the code and could not see that the vulnerability can be
seen in this code for the revision in wheezy.
I may be wrong so you are welcome to review the code once again.

If you find that the code is indeed vulnerable, please let us know.
If you find it vulnerable and want to work on an update, you're welcome
to do so. Please try to follow the workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org (via a
debdiff, or with an URL pointing to the source package, or even with a
pointer to your packaging repository), and the members of the LTS team
will take care of the rest. However please make sure to submit a tested
package.

Thank you very much.

Ola Lundqvist,
  on behalf of the Debian LTS team.

- -- 
 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Folkebogatan 26          \
|  ola@inguza.com                      654 68 KARLSTAD          |
|  http://inguza.com/                  +46 (0)70-332 1551       |
\  gpg/f.p.: 22F2 32C6 B1E0 F4BF 2B26  0A6A 5E90 DCFA 9426 876F /
 ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJXR201AAoJEF6Q3PqUJodvi3wP/1hfzVPMeQjEPqrH9oPKw/jo
vmIIxs7+EAmS+CKUWgbRW0YxT18AAjRN270wCU9pDKIBFZPTjc/WR0Ev+qQ76E6p
MRzaw7z8BRSwSHyTpKMK6pWFt7IkH6DF1JNkvtt29fQp6maciQvaqvqCyj/WqPO4
gDIdRpweYudFuTYfSDkPOTkSTVjuOCA8iVLgeZgf+6GUYFZZEmmugnrEHUuW7ea1
aX7KJeHv4gnqxZbiol+nGiPAK/ZGMxXUWUg3+ivb/c0uYKN3tT3zNscriEToNWmh
3DRPJGiE+2lALd6w7IK+oPByUxULJQ49ZmZR0P3j7cbbEJYRLZsnyJ6SO89nBge9
dEeFswHVC6+ZZVX//6Hm0OiTth9JavuEi+xkQ0M2TDD2Snf1GRvh30u6IFQCCz2e
fazspx/yFfygavVagphNyyqzOnp8XAkGPtcHB+QeX9S2TZY3kwIKC7KNWQqic6je
l5jP5a8UJZodIW9o5YiivTDhYkdApxUp/E8bJoPk5uXBstbLqThcMdZoRM09HKQt
EyLKits5JaLR9zFj4yylFZRFKFT8Z066Ytzkzl5/W/mWFLEQtRYKvF/8Jq045zY1
BwQ/TXAKO4dq8ryQkzvTPs9asPC1y7teBnZAbEuatmdyPFu1IpRdMl0XUEaRKrz7
7hF84KYkfd4GzxJu44X+
=w/n5
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Debian LTS Security update of ruby-activerecord-3.2
Next by Date: Re: Iceweasel 45 for Wheezy-LTS
Previous by thread: Re: Debian LTS Security update of ruby-activerecord-3.2
Next by thread: Enigmail in Wheezy-LTS
Index(es):
- Date
- Thread