I have prepared a security update of dhcpcd5 to correct the problems described in CVE-2014-7912 and CVE-2014-7913.
What I did was to manually apply the correction made for android.
I have performed regression testing by installing the fixed dhcpcd5 and see that I can get a lease from my dhcpd. It works just fine so I guess I have not broken anything.
I have not tested the specific problem. I trust that Android developers have done that.
Packages for testing are available here:
You can find the debdiff here:
If there are no objections I will upload the corrected package to wheezy-security in four days. That is on monday.
Best regards,
// Ola
--
--------------------- Ola Lundqvist ---------------------------
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------