Date: Tue, 19 Apr 2011 10:19:46 -0700 From: Chuck Swiger <cswiger@mac.com> To: freebsd-security security <freebsd-security@freebsd.org> Subject: Fwd: dhclient and CVE-2011-0997...? Message-ID: <425B4657-A217-404E-8BC2-74BF3039002C@mac.com> References: <F33ACEB2-3E7D-4965-9382-74F2C0C498A3@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi-- Are folks familiar with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 http://www.isc.org/software/dhcp/advisories/cve-2011-0997 http://nakedsecurity.sophos.com/2011/04/07/flaw-in-iscs-dhclient-could-allow-remote-code-execution/ Checking http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/dhclient/dhclient.c, I don't see signs that it may have been updated. But, I also can't readily tell which version of dhclient FreeBSD actually has and how much it might have been changed from the ISC version. :-) Regards, -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?425B4657-A217-404E-8BC2-74BF3039002C>