[pkg-dhcp-devel] Bug#698597: Bug#698597: isc-dhcp: CVE-2012-1667 patch (for Wheezy)

Michael Gilbert mgilbert at debian.org
Sun Feb 3 03:43:15 UTC 2013

On Sat, Feb 2, 2013 at 9:20 PM, Ian Zimmerman wrote:
> On Sat, 2 Feb 2013 17:57:56 -0500
> Michael Gilbert <mgilbert at debian.org> wrote:
> Michael> So, the issue with the bind embed is that even though the
> Michael> entire thing is built, only a very small part is actually used
> Michael> by dhcp.  I don't really have the time to look into whether the
> Michael> vulnerable bind code for this CVE is traversed or not.  Someone
> Michael> needs to do that.
> Why is it embedded in the first place, rather than link to the shared
> libs built from bind?

Because the shared libs don't expose the functionality used by dhcp.
I worked on that a while ago, and there are bugs you can look at to
see the magnitude of effort it is going take to get that working.
Anyway, not even a possiblity at this point for wheezy anyway.

Best wishes,

More information about the pkg-dhcp-devel mailing list