Your message dated Sun, 31 Jan 2016 03:50:59 +0000 with message-id <e1apj2r-0003le...@franck.debian.org> and subject line Bug#810875: fixed in isc-dhcp 4.3.3-7 has caused the Debian Bug report #810875, regarding isc-dhcp: CVE-2015-8605: UDP payload length not properly checked to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 810875: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810875 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: isc-dhcp Version: 4.1.1-P1-15 Severity: grave Tags: security upstream fixed-upstream Hi, (filling so that we have a reference from the BTS) the following vulnerability was published for isc-dhcp. CVE-2015-8605[0]: UDP payload length not properly checked If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-8605 [1] https://kb.isc.org/article/AA-01334 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: isc-dhcp Source-Version: 4.3.3-7 We believe that the bug you reported is fixed in the latest version of isc-dhcp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 810...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert <mgilb...@debian.org> (supplier of updated isc-dhcp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 31 Jan 2016 01:31:59 +0000 Source: isc-dhcp Binary: isc-dhcp-server isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-ddns isc-dhcp-client-udeb isc-dhcp-relay Architecture: source Version: 4.3.3-7 Distribution: unstable Urgency: medium Maintainer: Debian ISC DHCP maintainers <pkg-dhcp-de...@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: isc-dhcp-client - DHCP client for automatically obtaining an IP address isc-dhcp-client-ddns - Dynamic DNS (DDNS) enabled DHCP client isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb) isc-dhcp-common - common files used by all of the isc-dhcp packages isc-dhcp-dev - API for accessing and modifying the DHCP server and client state isc-dhcp-relay - ISC DHCP relay daemon isc-dhcp-server - ISC DHCP server for automatic IP address assignment isc-dhcp-server-ldap - DHCP server that uses LDAP as its backend Closes: 648401 800914 810875 812525 Changes: isc-dhcp (4.3.3-7) unstable; urgency=medium . * Migrate to dbgsym debug packages. * Fix spelling error in changelog entry. * Include LDFLAGS in all calls to configure. * Fix relaying return packets (closes: #648401). - Thanks to Steinar H. Gunderson. * Fix cross-architecture building (closes: #812525). - Thanks to Helmut Grohne. * Initialize exit status in dhclient-script (closes: #800914). * Fix CVE-2015-8605: maliciously crafted IPv4 packet can cause any of the running DHCP applications to crash (closes: #810875). Checksums-Sha1: 8b3087ec2d0d6cc65f2d2edc29e4169226d350dc 3250 isc-dhcp_4.3.3-7.dsc 75674b1d055e233567ddc7eb2eba914978f0d060 83292 isc-dhcp_4.3.3-7.debian.tar.xz Checksums-Sha256: 25393f5a8da023661efe1ff4e0cb0cfebf2eeb09ab23e4d2109cd94644b1c10c 3250 isc-dhcp_4.3.3-7.dsc b82a7f78a73498759c96480636f3d837539a6c02df595706e90020815978e970 83292 isc-dhcp_4.3.3-7.debian.tar.xz Files: 5a835a878efbe2f3d262f96b5a93bfcc 3250 net important isc-dhcp_4.3.3-7.dsc 6883fe5bad65f346c761556b1484c093 83292 net important isc-dhcp_4.3.3-7.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJWrXZgAAoJELjWss0C1vRzGAYgAJ8yT03ACtZXi60IMf5R4Dmg NqBA+uWk8q7dbhtFlDD2VxzUC6MWjp60Cpq5Gohcoxx+kYnyluN9pI+XYJmVSeRT GfTEpMgUDEy74bm8MW7MeKpVgke+r9/o6GRiO8/ZrOG1Ylb/7hj7z9DuLzhnSC/Y 5WlT9HJAarJ83R27Xufhr5ZlzVAzj8A7NXCY4OhnAdrrc5XxFsxg1qwO8t1RgEeo RKvBwY1c3zIv91f8NSVJRa9E9rvV0pbyCyflcjZKHsxKODaNH6QCIHFE/vvGFQ8t hlriEdV6RYeK2Keh7Ka2N07MMs8FnG2yteuz2MeN9gEytR0gRVSZkXGbrlFpWjjp Nwo9lfzlszbPlwDnExde7iJpntErY7ioAUxB3rvTu20vyJubs9dgg8BkaL+kg5cK ZNvo1jXf7sgWsofr4SzuN4Vk3NMOm0MeaNc7Fv8b15Tq2aq8LnTvlPuuRYaJ6hi8 44r3FE6lPw1v+isQk3DQOnM0O7dMsVuQDkdfEX1FmtVhGoSDr4zzvSLTd3lXTNLx KA91GSqi2RWh1vtNtlEPLqJ3aGChFT/purt/XVTT46TmOlAcrHPLC+GEMcZcp2O2 tpZ18e/utetQI3WsLm2OouAITk7bCNu5wdfiHl4tn+OCX1NuVrC3tlUIr6171ae6 IJJgDtCHPDgSvqQX80Y2/7sNmVEsrOcAs9Di19gOmPRVNy/5iS1mChEWHVeZw06K uF1kyTPqJ2gKWI1RL0VRDHA4kuaoTQxqBscgH9APxMWGlm5fmvNAYTJKmtm2oJxA gq7F9wZF8oHb0zTPLYD0r5kZxTzY+9qwU2qUcT/6VL0+RyvXh1AnU/2Y2YE2KMVO UbWRXRrMKgQGWZ/Es3jw69SkG/5aAJYGhzEWrE+b9+NxLIgPN9kSW6fK+5qQdCU1 OQJIyNnsFfF5+i549O3dGTN16CNcixxU/Y1+ICLXaHcrzgd1LGNeuYmvpj51ciJ1 c1lBBIXcj3Jg7EQpHJfkaRfufUvuvrsG9/BifW8/rHk2N0tPUgketj1yM3aRkhNV pqRHf5L07F3dBDu/ABaS8+L7sjisfRTsbstWtjPn4HJ70u9N5UOFBOuXg1HoirHU 5kI5VWb8FtM/EnzrgwLk+4sIzypyA3QwQOqlBuUKOaZ4msOo1R8Ejz23OnkYr3bR WOfbDnNfISPHV554Lst9ExwQpDj4e0XcvHAxrMY3T/aPEPCdwejGwLEF7FljHMea EDPN0aPQue99ZuSBc3IT9uuNr5dRryo/GetWjQWbH55KqxvtyvDLFl6H66KodLLz KQbTj64Tdmld6RMzd0v3XOB6gbtM5Xc1pFEUVfEhonbHa5OLTYNfqiAEFggjpDo= =62sA -----END PGP SIGNATURE-----
--- End Message ---
