Adam D. Barratt <adam@adam-barratt.org.uk> (13/04/2013):
Thanks. I'd be happy to unblock that version, but it'll need a d-i
ack
if it's to get in to wheezy. I'm not sure how feasible getting any
more
changes is on that side right now, but let's see...
Advisory says:
| libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers
to
| cause a denial of service (memory consumption) via vectors
involving a
| regular expression, as demonstrated by a memory-exhaustion attack
| against a machine running a dhcpd process, a related issue to
| CVE-2013-2266.
I'd rather avoid taking chances at this very late stage. Before rc2
would have been doable, but now… not so much.