| Release | Version |
|---|---|
| jessie | 6.0.5-2+deb8u1 |
| stretch | 6.10.1-1+deb9u1 |
| buster | 7.1.0-2 |
| bullseye | 7.1.0-2 |
| bookworm | 9.4.1-24~deb12u4 |
| Bug | jessie | stretch | buster | bullseye | bookworm | Description |
|---|---|---|---|---|---|---|
| CVE-2019-11766 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over ... |
| CVE-2014-7912 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in d ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | Description |
|---|---|---|---|---|---|---|
| CVE-2014-7913 | vulnerable | vulnerable | fixed | fixed | fixed | The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as ... |
| Bug | Description |
|---|---|
| CVE-2019-11579 | dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO ... |
| CVE-2019-11578 | auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by pe ... |
| CVE-2019-11577 | dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp ... |
| CVE-2016-1504 | dhcpcd before 6.10.0 allows remote attackers to cause a denial of serv ... |
| CVE-2016-1503 | dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x befor ... |
| CVE-2014-6060 | The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allow ... |
| DSA / DLA | Description |
|---|---|
| ELA-742-1 | dhcpcd5 - security update |
| DLA-1793-1 | dhcpcd5 - security update |
| DLA-506-1 | dhcpcd5 - security update |