[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DSA 1833-2] New dhcp3 packages fix arbitrary code execution

> Florian Weimer wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> - ------------------------------------------------------------------------
>> Debian Security Advisory DSA-1833-2                  security@debian.org
>> http://www.debian.org/security/                           Florian Weimer
>> August 25, 2009                       http://www.debian.org/security/faq
>> - ------------------------------------------------------------------------
>>
>> Package        : dhcp3
>> Vulnerability  : several
>> Problem type   : remote
>> Debian-specific: no
>> CVE Id(s)      : CVE-2009-0692 CVE-2009-1892
>> CERT advisory  : VU#410676
>>
>> The previous dhcp3 update (DSA-1833-1) did not properly apply the
>> required changes to the stable (lenny) version.  The old stable (etch)
>> version is not affected by this problem.

Does that now apply the security patch to the ldap version as well? I
noticed that the previous one unapplied it before building the ldap
flavour.

MfG
        Goswin
Reply to: