USN-299-1: dhcdbd vulnerability
Posted on: 06/14/2006 10:12 AM

A new dhcdbd vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-299-1 June 13, 2006
dhcdbd vulnerability
https://launchpad.net/bugs/49104
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
dhcdbd 1.10-0ubuntu11.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Florian Hackenberger discovered a memory corruption bug in dhcdbd (the
NetworkManager daemon for processing DHCP operations). Invalid DHCP
responses crashed dhcdbd, which caused NetworkManager to not work any
more.

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10-0ubunt=
u11.1.diff.gz
Size/MD5: 5760 6f361c05e336353ac3552c9bc248319d
http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10-0ubunt=
u11.1.dsc
Size/MD5: 608 e267063fb19c930c18f4484e4c7fe861
http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10.orig.t=
ar.gz
Size/MD5: 70160 d54941e97507bfdd2458839591e1fd60

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10-0ubunt=
u11.1_amd64.deb
Size/MD5: 49386 bf512d561eba57cc5f74e97be95fcc06

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10-0ubunt=
u11.1_i386.deb
Size/MD5: 43042 631f10b839b26e1423a21ceedbeb3cab

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/d/dhcdbd/dhcdbd_1.10-0ubunt=
u11.1_powerpc.deb
Size/MD5: 47644 43937e8d74230cdc3cf902917a4f4a0f

--0z5c7mBtSy1wdr4F
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEj8z1DecnbV4Fd/IRAvisAKCcWXYLjzgZiWQrVZXXWMuv4Sj6EwCdFOk/
B4jCIqwTaOe5TFrWpdyO6Rs=
=AXHr
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_299_1_dhcdbd_vulnerability.html)