Bug#989420: buster-pu: package isc-dhcp/4.4.1-2+deb10u1

To: Salvatore Bonaccorso <carnil@debian.org>, 989420@bugs.debian.org
Subject: Bug#989420: buster-pu: package isc-dhcp/4.4.1-2+deb10u1
From: Cyril Brulebois <kibi@debian.org>
Date: Thu, 3 Jun 2021 13:23:40 +0200
Message-id: <[🔎] 20210603112340.6anoer3emkzkplr3@mraw.org>
Reply-to: Cyril Brulebois <kibi@debian.org>, 989420@bugs.debian.org
In-reply-to: <[🔎] 162271887587.21590.13455521041905994008.reportbug@lorien.valinor.li>
References: <[🔎] 162271887587.21590.13455521041905994008.reportbug@lorien.valinor.li> <[🔎] 162271887587.21590.13455521041905994008.reportbug@lorien.valinor.li>

Salvatore Bonaccorso <carnil@debian.org> (2021-06-03):
> This brings the update to address CVE-2021-25217 / #989157 in buster
> (the fix was applied already as NMU in unstable and unblocked
> accordingly).
> 
> The debian/changelog entry is
> 
> +isc-dhcp (4.4.1-2+deb10u1) buster; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * A buffer overrun in lease file parsing code can be used to exploit a
> +    common vulnerability shared by dhcpd and dhclient (CVE-2021-25217)
> +    (Closes: #989157)
> +
> + -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 03 Jun 2021 12:59:09 +0200
> 
> The debdiff attached accordingly. But it needs a d-i ack as well from
> Cyril as it produces udebs.

No objections, thanks.


Cheers,
-- 
Cyril Brulebois (kibi@debian.org)            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- Bug#989420: buster-pu: package isc-dhcp/4.4.1-2+deb10u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#989420: buster-pu: package isc-dhcp/4.4.1-2+deb10u1
Next by Date: Bug#989421: unblock: libgcrypt20/1.8.7-6
Previous by thread: Bug#989420: buster-pu: package isc-dhcp/4.4.1-2+deb10u1
Next by thread: Bug#989420: isc-dhcp 4.4.1-2+deb10u1 flagged for acceptance
Index(es):
- Date
- Thread