Bug#704566: unblock: isc-dhcp/4.2.2.dfsg.1-5+deb70u4

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

user release.debian.org@packages.debian.org
usertags 704566 = pu
tags 704566 = wheezy
retitle 704566 pu: isc-dhcp/4.2.2.dfsg.1-5+deb70u4
tags 704426 + wheezy-ignore
usertags 704426 + wheezy-can-defer
thanks

On 13.04.2013 17:28, Cyril Brulebois wrote:
> Adam D. Barratt <adam@adam-barratt.org.uk> (13/04/2013):
> > Thanks. I'd be happy to unblock that version, but it'll need a d-i 
> > ack
> > if it's to get in to wheezy. I'm not sure how feasible getting any 
> > more
> > changes is on that side right now, but let's see...
>
> Advisory says:
> | libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers 
> to
> | cause a denial of service (memory consumption) via vectors 
> involving a
> | regular expression, as demonstrated by a memory-exhaustion attack
> | against a machine running a dhcpd process, a related issue to
> | CVE-2013-2266.
>
> I'd rather avoid taking chances at this very late stage. Before rc2
> would have been doable, but now… not so much.

In which case, let's look at this again after the release?

Regards,

Adam