[pkg-dhcp-devel] Bug#698597: Bug#698597: isc-dhcp: CVE-2012-1667 patch (for Wheezy)
Michael Gilbert
mgilbert at debian.org
Sun Feb 3 03:43:15 UTC 2013
On Sat, Feb 2, 2013 at 9:20 PM, Ian Zimmerman wrote:
> On Sat, 2 Feb 2013 17:57:56 -0500
> Michael Gilbert <mgilbert at debian.org> wrote:
>
> Michael> So, the issue with the bind embed is that even though the
> Michael> entire thing is built, only a very small part is actually used
> Michael> by dhcp. I don't really have the time to look into whether the
> Michael> vulnerable bind code for this CVE is traversed or not. Someone
> Michael> needs to do that.
>
> Why is it embedded in the first place, rather than link to the shared
> libs built from bind?
Because the shared libs don't expose the functionality used by dhcp.
I worked on that a while ago, and there are bugs you can look at to
see the magnitude of effort it is going take to get that working.
Anyway, not even a possiblity at this point for wheezy anyway.
Best wishes,
Mike
More information about the pkg-dhcp-devel
mailing list