
[SECURITY] [DLA 1908-1] pump security update




Package        : pump
Version        : 0.8.24-7+deb8u1
Debian Bug     : #933674

It was discovered that there was an arbitrary code execution
vulnerability in the pump BOOTP and DHCP client.

When copying the body of the server response, the Ethernet packet
length could be forged, allowing a malicious server to overwrite up to
"ETH_FRAME_LEN - sizeof(*ipHdr) - sizeof(*udpHdr) - sizeof(*bresp)"
bytes of stack memory.
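As an added illustration (not pump's code or the patch), the two bounds a client needs before copying a response body out of a raw frame: the bytes actually received and the size of the stack destination. The simplified header layouts, the choice of the UDP length field as the forgeable length, and the check_frame() helper are all assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_FRAME_LEN 1514   /* Linux <linux/if_ether.h>; size of the receive buffer */
/* Simplified headers (assumed layout, not pump's): only their sizes matter here. */
struct ipHdr  { uint8_t ver_ihl, tos; uint16_t tot_len; uint8_t rest[16]; };                 /* 20 bytes  */
struct udpHdr { uint16_t sport, dport, len, csum; };                                            /* 8 bytes   */
struct bootpResponse { uint8_t op, htype, hlen, hops; uint8_t fixed[232]; uint8_t vend[64]; }; /* 300 bytes */

enum { RESP_OK = 0, RESP_TRUNCATED = -1, RESP_OVERSIZED = -2 };

/* Worst case from the advisory: bytes a copy bounded only by the frame buffer
 * (not by sizeof(*bresp)) can write past the end of a stack-allocated response. */
size_t max_stack_overflow(void)
{
    return ETH_FRAME_LEN - sizeof(struct ipHdr) - sizeof(struct udpHdr) - sizeof(struct bootpResponse);
}

/* Copy the UDP payload (the BOOTP/DHCP response) out of a received frame into *bresp.
 * The copy length comes from the UDP header, i.e. from the server, so it is checked
 * against the bytes received AND the destination size before memcpy runs.
 * Assumption for this example: frame starts at the IP header. */
int copy_response(const uint8_t *frame, size_t frame_len, struct bootpResponse *bresp)
{
    const size_t hdrs = sizeof(struct ipHdr) + sizeof(struct udpHdr);
    if (frame_len > ETH_FRAME_LEN || frame_len < hdrs)
        return RESP_TRUNCATED;
    size_t off = sizeof(struct ipHdr) + offsetof(struct udpHdr, len);
    size_t udp_len = ((size_t)frame[off] << 8) | frame[off + 1];      /* big-endian on the wire */
    if (udp_len < sizeof(struct udpHdr) || sizeof(struct ipHdr) + udp_len > frame_len)
        return RESP_TRUNCATED;   /* header claims more bytes than were received */
    size_t body_len = udp_len - sizeof(struct udpHdr);
    if (body_len > sizeof(*bresp))
        return RESP_OVERSIZED;   /* the check that stops the copy spilling past bresp */
    memset(bresp, 0, sizeof(*bresp));
    memcpy(bresp, frame + hdrs, body_len);
    return RESP_OK;
}

/* Build a constructed frame whose UDP length field claims udp_len, hand it to
 * copy_response() with frame_len bytes "received", and return the verdict. */
int check_frame(size_t udp_len, size_t frame_len)
{
    uint8_t frame[ETH_FRAME_LEN] = {0};
    struct bootpResponse bresp;
    size_t off = sizeof(struct ipHdr) + offsetof(struct udpHdr, len);
    frame[off] = (uint8_t)(udp_len >> 8);
    frame[off + 1] = (uint8_t)udp_len;
    return copy_response(frame, frame_len, &bresp);
}
```

With these sizes max_stack_overflow() is 1186 bytes, which is what a full-size frame with a 300-byte destination would allow if only the second check were missing.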

Thanks to <ltspro2@secmail.pro> for the report and patch.

For Debian 8 "Jessie", this issue has been fixed in pump version
0.8.24-7+deb8u1.

We recommend that you upgrade your pump packages.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-


