Viewing all changes in revision 50.
- Committer: Scott Moser
- Date: 2012-09-14 17:58:33 UTC
- Revision ID: smoser@ubuntu.com-20120914175833-wa5t04eh6bxk01hf
[ Jamie Strandboge ]
* debian/dhclient-script.linux: Explicitly set the PATH to that of
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/dhclient-script.linux.udeb or debian/dhclient-script.kfreebsd*
since AppArmor isn't used in these environments.
- LP: #1045986
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/patches/CVE-2012-3955.patch: properly handle time reduction in
server/dhcpv6.c, server/mdb6.c.
- CVE-2012-3955
* debian/dhclient-script.linux: Explicitly set the PATH to that of
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/dhclient-script.linux.udeb or debian/dhclient-script.kfreebsd*
since AppArmor isn't used in these environments.
- LP: #1045986
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/patches/CVE-2012-3955.patch: properly handle time reduction in
server/dhcpv6.c, server/mdb6.c.
- CVE-2012-3955
- files added:
- debian/patches/CVE-2012-3955.dpatch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
