|Related CVEs||CVE-2019-11578 CVE-2019-11579|
Several security vulnerabilities have been discovered in dhcpcd5, a DHCPv4 and DHCPv6 dual-stack client.
dhcp.c in dhcpcd contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
auth.c in dhcpcd allowed attackers to infer secrets by performing latency attacks.
For Debian 9 stretch, these problems have been fixed in version 6.10.1-1+deb9u1.
We recommend that you upgrade your dhcpcd5 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.