[ Jamie Strandboge ]
* debian/dhclient-script.linux: Explicitly set the PATH to that of
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/dhclient-script.linux.udeb or debian/dhclient-script.kfreebsd*
since AppArmor isn't used in these environments.
- LP: #1045986
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/patches/CVE-2012-3955.patch: properly handle time reduction in
server/dhcpv6.c, server/mdb6.c.
- CVE-2012-3955
-- Marc Deslauriers <email address hidden> Fri, 14 Sep 2012 13:04:46 -0400
This bug was fixed in the package isc-dhcp - 4.1.1-P1- 15ubuntu9. 6
--------------- P1-15ubuntu9. 6) natty-security; urgency=low
isc-dhcp (4.1.1-
[ Jamie Strandboge ] dhclient- script. linux: Explicitly set the PATH to that of dhclient- script. linux.udeb or debian/ dhclient- script. kfreebsd*
* debian/
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/
since AppArmor isn't used in these environments.
- LP: #1045986
[ Marc Deslauriers ] patches/ CVE-2012- 3955.patch: properly handle time reduction in dhcpv6. c, server/mdb6.c.
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/
server/
- CVE-2012-3955
-- Marc Deslauriers <email address hidden> Fri, 14 Sep 2012 13:04:46 -0400