From $URL: Sebastian Krahmer of the SUSE security team noticed that DHCP clients fail to sanitize certain values supplied by DHCP servers during the DHCP communication. The example of such value is hostname configured on the DHCP client. Various scripts assume hostname is trusted and do not sufficiently escape or quote it. Malicious DHCP server can use this to execute arbitrary code on the DHCP client by supplying a specially-crafted hostname. Fixed for our current stable in 3.1-ESV (http://ftp.isc.org/isc/dhcp/dhcp-3.1-ESV-R1-RELNOTES), for testing in 4.2.1-P1 (http://ftp.isc.org/isc/dhcp/dhcp-4.2.1-P1-RELNOTES)
ive added dhcp-4.2.1_p1 to the tree. someone else can handle dhcp-3.x.
Please punt vulnerable versions.
Updated existing GLSA draft to include this.
This issue was resolved and addressed in GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml by GLSA coordinator Stefan Behte (craig).
