On Thu, Sep 06, 2012 at 09:51:04AM +0100, Simon Kelley wrote:
> On 05/09/12 16:57, Moritz Muehlenhoff wrote:
> > On Wed, Aug 01, 2012 at 05:30:47PM +0100, Simon Kelley wrote:
> >> On 31/07/12 09:35, Moritz Muehlenhoff wrote:
> >>> Package: dnsmasq
> >>> Severity: important
> >>> Tags: security
> >>>
> >>> Hi,
> >>> I know you're aware of this bug since you commented it already, but I'm
> >>> filing a Debian bug to keep track of this for Wheezy:
> >>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3411
> >>>
> >>> Cheers,
> >>> Moritz
> >>>
> >>
> >> OK. I think what's needed to fix this is
> >>
> >> 1) dnsmasq 2.63 release and into Wheezy.
> >> 2) Alter libvirt to pass the new --bind-dynamic flag instead of
> >> --bind-interfaces
> >
> > This bug can be closed with 2.63-1? Or is there anything missing?
> >
> > Cheers,
> > Moritz
> >
>
> We're up to 2.63-3 now, due to various irritating packaging regressions.
> That needs to be forced into wheezy, and then the torch needs to be
> passed to libvirt.
It looks like you still need to file an unblock request, though.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
