Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 649010 (CVE-2018-5732, CVE-2018-5733) - <net-misc/dhcp-4.3.6_p1: multiple vulnerabilities (CVE-2018-{5732,5733})
Summary: <net-misc/dhcp-4.3.6_p1: multiple vulnerabilities (CVE-2018-{5732,5733})
Status: RESOLVED FIXED
Alias: CVE-2018-5732, CVE-2018-5733
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-02-28 00:16 UTC by Thomas Deutschmann
Modified: 2018-04-08 16:48 UTC (History)
1 user (show)

See Also:
Package list:
net-misc/dhcp-4.3.6_p1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann gentoo-dev 2018-02-28 00:16:02 UTC
Incoming details.
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2018-02-28 17:46:52 UTC
commit 135e7f7665906c5ac144101b35121a05495eefc8
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Wed Feb 28 17:34:22 2018

    net-misc/dhcp: Bump to versions 4.3.6_p1 and 4.4.1
    
    Bug: https://bugs.gentoo.org/649010
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
Comment 2 Thomas Deutschmann gentoo-dev 2018-03-01 18:00:43 UTC
@ Arches,

please test and mark stable: =net-misc/dhcp-4.3.6_p1
Comment 3 Jason Zaman gentoo-dev 2018-03-02 14:15:41 UTC
amd64 stable
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-02 23:24:10 UTC
ia64 stable
Comment 5 Thomas Deutschmann gentoo-dev 2018-03-04 06:53:16 UTC
x86 stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-04 19:49:51 UTC
commit 888bc959077d8b0b2276876ddb1455619683b194
Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Sun Mar 4 11:14:46 2018 +0100

    net-misc/dhcp: stable 4.3.6_p1 for sparc, bug #649010
Comment 7 Tobias Klausmann (RETIRED) gentoo-dev 2018-03-05 17:15:37 UTC
Stable on alpha.
Comment 8 Matt Turner gentoo-dev 2018-03-11 05:20:38 UTC
hppa stable
Comment 9 Matt Turner gentoo-dev 2018-03-12 04:40:10 UTC
ppc/ppc64 stable
Comment 10 Markus Meier gentoo-dev 2018-03-13 17:54:27 UTC
arm stable, all arches done.
Comment 11 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-03-13 18:05:21 UTC
New GLSA Request filed.

@Maintainers please proceed to remove vulnerable versions.

Thank you
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2018-04-08 16:48:17 UTC
This issue was resolved and addressed in
 GLSA 201804-05 at https://security.gentoo.org/glsa/201804-05
by GLSA coordinator Aaron Bauman (b-man).