Debian DLA-1908-1 : pump security update
It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the ethernet packet length could be forged leading to being able to overwrite up to 'ETHFRAMELEN - sizeofipHdr - sizeofudpHdr - sizeofbresp'...