Date: Wed, 20 Apr 2011 09:31:27 +0200 From: Patrick Lamaiziere <patfbsd@davenulle.org> To: freebsd-security@freebsd.org Subject: Re: dhclient and CVE-2011-0997...? Message-ID: <20110420093127.3437c7bd@mr12941> In-Reply-To: <425B4657-A217-404E-8BC2-74BF3039002C@mac.com> References: <F33ACEB2-3E7D-4965-9382-74F2C0C498A3@mac.com> <425B4657-A217-404E-8BC2-74BF3039002C@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Le Tue, 19 Apr 2011 10:19:46 -0700, Chuck Swiger <cswiger@mac.com> a écrit : > Hi-- > > Are folks familiar with: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 > http://www.isc.org/software/dhcp/advisories/cve-2011-0997 > http://nakedsecurity.sophos.com/2011/04/07/flaw-in-iscs-dhclient-could-allow-remote-code-execution/ > > Checking > http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/dhclient/dhclient.c, I > don't see signs that it may have been updated. But, I also can't > readily tell which version of dhclient FreeBSD actually has and how > much it might have been changed from the ISC version. :-) FreeBSD uses the OpenBSD dhclient, not the ISC one. Regards.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110420093127.3437c7bd>