-
Committer:
Scott Moser
-
Author(s):
Marc Deslauriers, Jamie Strandboge, Marc Deslauriers
-
Date:
2012-09-14 17:58:33 UTC
-
Revision ID:
smoser@ubuntu.com-20120914175833-wa5t04eh6bxk01hf
Tags: 4.1.ESV-R4-0ubuntu5.5
[ Jamie Strandboge ]
* debian/dhclient-script.linux: Explicitly set the PATH to that of
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/dhclient-script.linux.udeb or debian/dhclient-script.kfreebsd*
since AppArmor isn't used in these environments.
- LP: #1045986
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/patches/CVE-2012-3955.patch: properly handle time reduction in
server/dhcpv6.c, server/mdb6.c.
- CVE-2012-3955