[pkg-dhcp-devel] Bug#611217: Bug#611217: CVE-2011-0413: crash after DHCPv6 decline message

Moritz Mühlenhoff jmm at inutil.org
Wed Feb 2 20:51:05 UTC 2011

On Thu, Feb 03, 2011 at 06:33:04AM +1000, Andrew Pollock wrote:
> On Wed, Feb 02, 2011 at 09:15:39PM +0100, Moritz Mühlenhoff wrote:
> > 
> > Why was there no maintainer reaction since a week? No we need to prepare
> > a DSA for this :-/
> > 
> There was no maintainer reaction because I thought previous responses were
> that it was okay to deal with post-release. Is this now not the case?

Hmm, that was a misunderstanding, then: It was tagged by release managers as
not-a-blocker, i.e. it doesn't hold back the release if not fixed, a fix
through unstable would still have been possible. Any way, not it's too
late and we need a DSA. I'll open a ticket in the Debian Security Team


More information about the pkg-dhcp-devel mailing list