CVE-2011-0413: crash after DHCPv6 decline message

Related Vulnerabilities: CVE-2011-0413

Debian Bug report logs - #611217

Reported by: Raphael Geissert <geissert@debian.org>

Date: Wed, 26 Jan 2011 21:27:01 UTC

Severity: grave

Tags: patch, security, squeeze-ignore

Found in version isc-dhcp/4.1.1-P1-15

Fixed in version isc-dhcp/4.1.1-P1-16

Done: Andrew Pollock <apollock@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 26 Jan 2011 21:27:04 GMT).


Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
New Bug report received and forwarded. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 26 Jan 2011 21:27:04 GMT).


Message #5 received at submit@bugs.debian.org:

From: Raphael Geissert <geissert@debian.org>
To: submit@bugs.debian.org
Subject: CVE-2011-0413: crash after DHCPv6 decline message
Date: Wed, 26 Jan 2011 15:24:19 -0600
Package: isc-dhcp-server
Version: 4.1.1-P1-15
Severity: grave
Tags: security patch

Hi Ari,

Just as a public record, the following advisory (CVE-2011-0413[0]) has been 
published by ISC[1]:

> When the DHCPv6 server code processes a message for an address that was
> previously declined and internally tagged as abandoned it can trigger an
> assert failure resulting in the server crashing. This could be used to
> crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
> DHCPv4 servers are unaffected.

I'm attaching the patch that was used for 4.1-ESV, which applies almost 
cleanly in 4.1.1-P1 (3 lines diff between hunks.) I have not tested it, though.


[0]http://security-tracker.debian.org/tracker/CVE-2011-0413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413
[1]http://www.isc.org/software/dhcp/advisories/cve-2011-0413

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
[cve-2011-0413.patch (text/x-patch, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 26 Jan 2011 21:42:06 GMT).


Acknowledgement sent to "Adam D. Barratt" <adam@adam-barratt.org.uk>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 26 Jan 2011 21:42:06 GMT).


Message #10 received at 611217@bugs.debian.org:

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
To: Raphael Geissert <geissert@debian.org>, 611217@bugs.debian.org
Subject: Re: Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Wed, 26 Jan 2011 21:39:15 +0000
user release.debian.org@packages.debian.org
usertag 611217 + squeeze-can-defer
tag 611217 + squeeze-ignore
thanks

On Wed, 2011-01-26 at 15:24 -0600, Raphael Geissert wrote:
> > When the DHCPv6 server code processes a message for an address that was
> > previously declined and internally tagged as abandoned it can trigger an
> > assert failure resulting in the server crashing. This could be used to
> > crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
> > DHCPv4 servers are unaffected.

This sounds like it can be fixed after release if need be; tagging as
not a blocker.

Regards,

Adam





Added tag(s) squeeze-ignore. Request was from "Adam D. Barratt" <adam@adam-barratt.org.uk> to control@bugs.debian.org. (Wed, 26 Jan 2011 21:42:08 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 26 Jan 2011 21:45:04 GMT).


Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 26 Jan 2011 21:45:05 GMT).


Message #17 received at 611217@bugs.debian.org:

From: Raphael Geissert <geissert@debian.org>
To: 611217@bugs.debian.org
Subject: Re: Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Wed, 26 Jan 2011 15:41:57 -0600
On Wednesday 26 January 2011 15:24:19 Raphael Geissert wrote:
> Hi Ari,

Andrew, of course :)

(Thanks to adsb for pointing it out)

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 02 Feb 2011 20:18:03 GMT).


Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 02 Feb 2011 20:18:03 GMT).


Message #22 received at 611217@bugs.debian.org:

From: Moritz Mühlenhoff <jmm@inutil.org>
To: 611217@bugs.debian.org
Subject: Re: CVE-2011-0413: crash after DHCPv6 decline message
Date: Wed, 2 Feb 2011 21:15:39 +0100
On Wed, Jan 26, 2011 at 03:24:19PM -0600, Raphael Geissert wrote:
> Package: isc-dhcp-server
> Version: 4.1.1-P1-15
> Severity: grave
> Tags: security patch
> 
> Hi Ari,
> 
> Just as a public record, the following advisory (CVE-2011-0413[0]) has been 
> published by ISC[1]:
> 
> > When the DHCPv6 server code processes a message for an address that was
> > previously declined and internally tagged as abandoned it can trigger an
> > assert failure resulting in the server crashing. This could be used to
> > crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
> > DHCPv4 servers are unaffected.
> 
> I'm attaching the patch that was used for 4.1-ESV, which applies almost 
> cleanly in 4.1.1-P1 (3 lines diff between hunks.) I have not tested it, though.
> 
> 
> [0]http://security-tracker.debian.org/tracker/CVE-2011-0413
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413
> [1]http://www.isc.org/software/dhcp/advisories/cve-2011-0413

Why was there no maintainer reaction since a week? Now we need to prepare
a DSA for this :-/

Cheers,
        Moritz




Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 02 Feb 2011 20:36:03 GMT).


Acknowledgement sent to Andrew Pollock <apollock@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 02 Feb 2011 20:36:03 GMT).


Message #27 received at 611217@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: Moritz Mühlenhoff <jmm@inutil.org>, 611217@bugs.debian.org
Subject: Re: [pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Thu, 3 Feb 2011 06:33:04 +1000
On Wed, Feb 02, 2011 at 09:15:39PM +0100, Moritz Mühlenhoff wrote:
> 
> Why was there no maintainer reaction since a week? Now we need to prepare
> a DSA for this :-/
> 

There was no maintainer reaction because I thought previous responses were
that it was okay to deal with post-release. Is this now not the case?

Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 02 Feb 2011 20:54:03 GMT).


Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 02 Feb 2011 20:54:04 GMT).


Message #32 received at 611217@bugs.debian.org:

From: Moritz Mühlenhoff <jmm@inutil.org>
To: Andrew Pollock <apollock@debian.org>
Cc: team@security.debian.org, 611217@bugs.debian.org
Subject: Re: [pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Wed, 2 Feb 2011 21:51:05 +0100
On Thu, Feb 03, 2011 at 06:33:04AM +1000, Andrew Pollock wrote:
> On Wed, Feb 02, 2011 at 09:15:39PM +0100, Moritz Mühlenhoff wrote:
> > 
> > Why was there no maintainer reaction since a week? Now we need to prepare
> > a DSA for this :-/
> > 
> 
> There was no maintainer reaction because I thought previous responses were
> that it was okay to deal with post-release. Is this now not the case?

Hmm, that was a misunderstanding, then: It was tagged by release managers as
not-a-blocker, i.e. it doesn't hold back the release if not fixed, a fix
through unstable would still have been possible. Anyway, now it's too
late and we need a DSA. I'll open a ticket in the Debian Security Team
queue.

Cheers,
        Moritz





Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Wed, 02 Feb 2011 22:03:03 GMT).


Acknowledgement sent to Andrew Pollock <apollock@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Wed, 02 Feb 2011 22:03:03 GMT).


Message #37 received at 611217@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: Moritz Mühlenhoff <jmm@inutil.org>
Cc: team@security.debian.org, 611217@bugs.debian.org
Subject: Re: [pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Thu, 3 Feb 2011 07:58:24 +1000
On Wed, Feb 02, 2011 at 09:51:05PM +0100, Moritz Mühlenhoff wrote:
> 
> Hmm, that was a misunderstanding, then: It was tagged by release managers as
> not-a-blocker, i.e. it doesn't hold back the release if not fixed, a fix
> through unstable would still have been possible. Anyway, now it's too
> late and we need a DSA. I'll open a ticket in the Debian Security Team
> queue.

My apologies for the misunderstanding. I will proceed with fixing this in
unstable ASAP, probably this evening.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Fri, 04 Feb 2011 06:57:03 GMT).


Acknowledgement sent to Andrew Pollock <apollock@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Fri, 04 Feb 2011 06:57:03 GMT).


Message #42 received at 611217@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: control@bugs.debian.org
Cc: 611217@bugs.debian.org
Subject: setting package to dhcp3-common dhcp3-client dhcp3-relay isc-dhcp-server-ldap dhcp3-server isc-dhcp-client-udeb isc-dhcp-relay isc-dhcp-server dhcp3-dev isc-dhcp-relay-dbg isc-dhcp-server-dbg isc-dhcp-client-dbg isc-dhcp isc-dhcp-client isc-dhcp-common isc-dhcp-dev ...
Date: Thu, 03 Feb 2011 22:54:49 -0800
# Automatically generated email from bts, devscripts version 2.10.35lenny7
# via tagpending 
#
# isc-dhcp (4.1.1-P1-16) unstable; urgency=high
#
#  * Patch by Raphael Geissert from 4.1-ESV for CVE-2011-0413 (closes: #611217) 

package dhcp3-common dhcp3-client dhcp3-relay isc-dhcp-server-ldap dhcp3-server isc-dhcp-client-udeb isc-dhcp-relay isc-dhcp-server dhcp3-dev isc-dhcp-relay-dbg isc-dhcp-server-dbg isc-dhcp-client-dbg isc-dhcp isc-dhcp-client isc-dhcp-common isc-dhcp-dev
tags 611217 + pending





Added tag(s) pending. Request was from Andrew Pollock <apollock@debian.org> to control@bugs.debian.org. (Fri, 04 Feb 2011 06:57:06 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Sat, 12 Feb 2011 12:12:06 GMT).


Acknowledgement sent to Julien Cristau <jcristau@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Sat, 12 Feb 2011 12:12:06 GMT).


Message #49 received at 611217@bugs.debian.org:

From: Julien Cristau <jcristau@debian.org>
To: Andrew Pollock <apollock@debian.org>, 611217@bugs.debian.org
Cc: Moritz Mühlenhoff <jmm@inutil.org>, team@security.debian.org
Subject: Re: Bug#611217: [pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Sat, 12 Feb 2011 13:09:30 +0100
On Thu, Feb  3, 2011 at 07:58:24 +1000, Andrew Pollock wrote:

> On Wed, Feb 02, 2011 at 09:51:05PM +0100, Moritz Mühlenhoff wrote:
> > 
> > Hmm, that was a misunderstanding, then: It was tagged by release managers as
> > not-a-blocker, i.e. it doesn't hold back the release if not fixed, a fix
> > through unstable would still have been possible. Anyway, now it's too
> > late and we need a DSA. I'll open a ticket in the Debian Security Team
> > queue.
> 
> My apologies for the misunderstanding. I will proceed with fixing this in
> unstable ASAP, probably this evening.

Any news?

Cheers,
Julien




Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Sat, 12 Feb 2011 16:12:03 GMT).


Acknowledgement sent to Andrew Pollock <apollock@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Sat, 12 Feb 2011 16:12:03 GMT).


Message #54 received at 611217@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: Julien Cristau <jcristau@debian.org>
Cc: 611217@bugs.debian.org, Moritz Mühlenhoff <jmm@inutil.org>, team@security.debian.org
Subject: Re: Bug#611217: [pkg-dhcp-devel] Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message
Date: Sat, 12 Feb 2011 08:09:40 -0800
On Sat, Feb 12, 2011 at 01:09:30PM +0100, Julien Cristau wrote:
> On Thu, Feb  3, 2011 at 07:58:24 +1000, Andrew Pollock wrote:
> 
> > On Wed, Feb 02, 2011 at 09:51:05PM +0100, Moritz Mühlenhoff wrote:
> > > 
> > > Hmm, that was a misunderstanding, then: It was tagged by release managers as
> > > not-a-blocker, i.e. it doesn't hold back the release if not fixed, a fix
> > > through unstable would still have been possible. Anyway, now it's too
> > > late and we need a DSA. I'll open a ticket in the Debian Security Team
> > > queue.
> > 
> > My apologies for the misunderstanding. I will proceed with fixing this in
> > unstable ASAP, probably this evening.
> 
> Any news?

Sigh. Looks like I managed to do everything *except* upload it. Uploading
now.

Reply sent to Andrew Pollock <apollock@debian.org>:
You have taken responsibility. (Sat, 12 Feb 2011 16:21:10 GMT).


Notification sent to Raphael Geissert <geissert@debian.org>:
Bug acknowledged by developer. (Sat, 12 Feb 2011 16:21:10 GMT).


Message #59 received at 611217-close@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: 611217-close@bugs.debian.org
Subject: Bug#611217: fixed in isc-dhcp 4.1.1-P1-16
Date: Sat, 12 Feb 2011 16:17:43 +0000
Source: isc-dhcp
Source-Version: 4.1.1-P1-16

We believe that the bug you reported is fixed in the latest version of
isc-dhcp, which is due to be installed in the Debian FTP archive:

dhcp3-client_4.1.1-P1-16_all.deb
  to main/i/isc-dhcp/dhcp3-client_4.1.1-P1-16_all.deb
dhcp3-common_4.1.1-P1-16_all.deb
  to main/i/isc-dhcp/dhcp3-common_4.1.1-P1-16_all.deb
dhcp3-dev_4.1.1-P1-16_all.deb
  to main/i/isc-dhcp/dhcp3-dev_4.1.1-P1-16_all.deb
dhcp3-relay_4.1.1-P1-16_all.deb
  to main/i/isc-dhcp/dhcp3-relay_4.1.1-P1-16_all.deb
dhcp3-server_4.1.1-P1-16_all.deb
  to main/i/isc-dhcp/dhcp3-server_4.1.1-P1-16_all.deb
isc-dhcp-client-dbg_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-client-dbg_4.1.1-P1-16_i386.deb
isc-dhcp-client-udeb_4.1.1-P1-16_i386.udeb
  to main/i/isc-dhcp/isc-dhcp-client-udeb_4.1.1-P1-16_i386.udeb
isc-dhcp-client_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-client_4.1.1-P1-16_i386.deb
isc-dhcp-common_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-common_4.1.1-P1-16_i386.deb
isc-dhcp-dev_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-dev_4.1.1-P1-16_i386.deb
isc-dhcp-relay-dbg_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-relay-dbg_4.1.1-P1-16_i386.deb
isc-dhcp-relay_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-relay_4.1.1-P1-16_i386.deb
isc-dhcp-server-dbg_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-server-dbg_4.1.1-P1-16_i386.deb
isc-dhcp-server-ldap_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-server-ldap_4.1.1-P1-16_i386.deb
isc-dhcp-server_4.1.1-P1-16_i386.deb
  to main/i/isc-dhcp/isc-dhcp-server_4.1.1-P1-16_i386.deb
isc-dhcp_4.1.1-P1-16.diff.gz
  to main/i/isc-dhcp/isc-dhcp_4.1.1-P1-16.diff.gz
isc-dhcp_4.1.1-P1-16.dsc
  to main/i/isc-dhcp/isc-dhcp_4.1.1-P1-16.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 611217@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andrew Pollock <apollock@debian.org> (supplier of updated isc-dhcp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Thu, 03 Feb 2011 22:20:55 -0800
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-dbg isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-dbg isc-dhcp-client-udeb isc-dhcp-relay isc-dhcp-relay-dbg dhcp3-server dhcp3-client dhcp3-relay dhcp3-common dhcp3-dev
Architecture: source i386 all
Version: 4.1.1-P1-16
Distribution: unstable
Urgency: high
Maintainer: Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>
Changed-By: Andrew Pollock <apollock@debian.org>
Description: 
 dhcp3-client - ISC DHCP server (transitional package)
 dhcp3-common - ISC DHCP common files (transitional package)
 dhcp3-dev  - ISC DHCP development files (transitional package)
 dhcp3-relay - ISC DHCP relay (transitional package)
 dhcp3-server - ISC DHCP server (transitional package)
 isc-dhcp-client - ISC DHCP client
 isc-dhcp-client-dbg - ISC DHCP client (debugging symbols)
 isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
 isc-dhcp-common - common files used by all the isc-dhcp* packages
 isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
 isc-dhcp-relay - ISC DHCP relay daemon
 isc-dhcp-relay-dbg - DHCP relay daemon (debugging symbols)
 isc-dhcp-server - ISC DHCP server for automatic IP address assignment
 isc-dhcp-server-dbg - ISC DHCP server for automatic IP address assignment (debug)
 isc-dhcp-server-ldap - DHCP server able to use LDAP as backend
Closes: 611217
Changes: 
 isc-dhcp (4.1.1-P1-16) unstable; urgency=high
 .
   * Patch by Raphael Geissert from 4.1-ESV for CVE-2011-0413 (closes: #611217)
Package-Type: udeb





Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Fri, 25 Feb 2011 16:33:05 GMT).


Acknowledgement sent to Michael Gilbert <michael.s.gilbert@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Fri, 25 Feb 2011 16:33:06 GMT).


Message #64 received at 611217@bugs.debian.org:

From: Michael Gilbert <michael.s.gilbert@gmail.com>
To: 611217@bugs.debian.org
Subject: re: cve-2011-0413
Date: Fri, 25 Feb 2011 11:30:33 -0500
Hi,

Are you working on an updated squeeze package for this?  If not, I'll
prepare one for a DSA since the patch is fairly straightforward.

Best wishes,
Mike




Information forwarded to debian-bugs-dist@lists.debian.org, Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>:
Bug#611217; Package isc-dhcp-server. (Fri, 25 Feb 2011 18:00:11 GMT).


Acknowledgement sent to Andrew Pollock <apollock@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian ISC DHCP maintainers <pkg-dhcp-devel@lists.alioth.debian.org>. (Fri, 25 Feb 2011 18:00:12 GMT).


Message #69 received at 611217@bugs.debian.org:

From: Andrew Pollock <apollock@debian.org>
To: Michael Gilbert <michael.s.gilbert@gmail.com>, 611217@bugs.debian.org
Subject: Re: [pkg-dhcp-devel] Bug#611217: cve-2011-0413
Date: Fri, 25 Feb 2011 09:59:23 -0800
On Fri, Feb 25, 2011 at 11:30:33AM -0500, Michael Gilbert wrote:
> Hi,
> 
> Are you working on an updated squeeze package for this?  If not, I'll
> prepare one for a DSA since the patch is fairly straightforward.
> 

If you could do an update for Squeeze I'd really appreciate it.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 05 May 2013 07:32:26 GMT).


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:49:44 2019; Machine Name: buxtehude
