1 |
dhcpcd-1.3.22_p3-r2.ebuild compiles and seems to run fine on my g4. I |
2 |
wonder if the other platforms ought not to test it and get it unmasked |
3 |
considering the changelog entry below... |
4 |
|
5 |
http://www.phystech.com/download/dhcpcd_changelog.html |
6 |
|
7 |
09/21/02 - v.1.3.22-pl2 |
8 |
|
9 |
...other changes... |
10 |
|
11 |
Simon Kelley <simon@××××××××××××××.uk> pointed out at security bug in |
12 |
dhcpcd related to *.info file. A malicios administrator of untrusted |
13 |
DHCP server may execute any command with root privileges on DHCP |
14 |
client machine by sending the command enclosed in shell metacharacters |
15 |
in one of DHCP server provided options. Fixed by enclosing all strings |
16 |
in *.info file into single quotes and replacing any single quotes |
17 |
found in DHCP option strings with space. - S.V. |
18 |
|
19 |
|
20 |
-- |
21 |
Mike Small |
22 |
smallm@×××××.com |
23 |
|
24 |
-- |
25 |
gentoo-ppc-dev@g.o mailing list |