1
Candidate: CVE-2014-4883
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4883
5
https://bugzilla.redhat.com/show_bug.cgi?id=1169008
6
http://www.kb.cert.org/vuls/id/210620
7
http://git.savannah.gnu.org/cgit/lwip.git/commit/?id=9fb46e120655ac481b2af8f865d5ae56c39b831a
9
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP
10
1.4.1 and earlier, does not use random values for ID fields and source
11
ports of DNS query packets, which makes it easier for man-in-the-middle
12
attackers to conduct cache-poisoning attacks via spoofed reply packets.
21
upstream_lwipv6: needs-triage
22
lucid_lwipv6: ignored (reached end-of-life)
23
precise_lwipv6: ignored (reached end-of-life)
24
precise/esm_lwipv6: DNE (precise was needed)
26
utopic_lwipv6: ignored (reached end-of-life)
27
vivid_lwipv6: ignored (reached end-of-life)
28
vivid/stable-phone-overlay_lwipv6: DNE
29
vivid/ubuntu-core_lwipv6: DNE
30
wily_lwipv6: ignored (reached end-of-life)
32
yakkety_lwipv6: ignored (reached end-of-life)
33
zesty_lwipv6: ignored (reached end-of-life)