A rogue dhcp server could instruct clients to use a host
name that contains shell meta characters. Since many
scripts in the system do not expect unusal characters in
the system's host name the dhcp client needs to sanitize
the host name offered by the server (CVE-2011-0996).

Note this update is actually just a re-release of the
previous one. The security fix made dhcpcd crash if the
DHCP server sent a SIP option that was not decodable.