[pkg-dhcp-devel] Bug#698597: Bug#698597: isc-dhcp: CVE-2012-1667 patch (for Wheezy)

Ian Zimmerman itz at buug.org
Sun Feb 3 02:20:14 UTC 2013

On Sat, 2 Feb 2013 17:57:56 -0500
Michael Gilbert <mgilbert at debian.org> wrote:

Michael> So, the issue with the bind embed is that even though the
Michael> entire thing is built, only a very small part is actually used
Michael> by dhcp.  I don't really have the time to look into whether the
Michael> vulnerable bind code for this CVE is traversed or not.  Someone
Michael> needs to do that.

Why is it embedded in the first place, rather than link to the shared
libs built from bind?

Ian Zimmerman
gpg public key: 1024D/C6FF61AD
fingerprint: 66DC D68F 5C1B 4D71 2EE5  BD03 8A00 786C C6FF 61AD
Rule 420: All persons more than eight miles high to leave the court.

More information about the pkg-dhcp-devel mailing list