drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in dhcp
Name: |
Denial of Service in dhcp |
|
ID: |
FEDORA-2011-0862 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 14 |
|
Datum: |
Di, 1. Februar 2011, 23:07 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413 |
|
Applikationen: |
ISC DHCP |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2011-0862 2011-01-28 18:50:50 ------------------------------------------------------------------------------- -
Name : dhcp Product : Fedora 14 Version : 4.2.0 Release : 19.P2.fc14 URL : http://isc.org/products/DHCP/ Summary : Dynamic host configuration protocol software Description : DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the ISC DHCP service and relay agent.
To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent.
------------------------------------------------------------------------------- - Update Information:
A flaw was discovered in the way the dhcpd daemon processed a message for an address that had been previously declined and internally tagged as abandoned. Processing such a message could trigger an assert failure that could crash dhcpd if it was running as a DHCPv6 server. DHCPv4 servers are unaffected. (CVE-2011-0413) ------------------------------------------------------------------------------- - ChangeLog:
* Thu Jan 27 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-19.P2 - CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672996) * Thu Jan 13 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-18.P2 - Fix loading of configuration when LDAP is used (#668276) * Mon Jan 3 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-17.P2 - Fix OMAPI (#666441) * Mon Dec 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-16.P2 - 4.2.0-P2: fix for CVE-2010-3616 (#662326) - Use upstream fix for #628258 * Tue Nov 9 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-15.P1 - Applied Patrik Lahti's patch for DHCPv6 over PPP support (#626514) * Fri Nov 5 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-14.P1 - fix broken dependencies * Thu Nov 4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-13.P1 - 4.2.0-P1: fix for CVE-2010-3611 (#649880) - dhclient-script: when updating 'search' statement in resolv.conf, add domain part of hostname if it's not already there (#637763) * Wed Oct 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-12 - Server was ignoring client's Solicit (where client included address/prefix as a preference) (#634842) * Thu Oct 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-11 - Use ping instead of arping in dhclient-script to handle not-on-local-net gateway in ARP-less device (#524298) * Thu Oct 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-10 - Check whether there is any unexpired address in previous lease prior to confirming (INIT-REBOOT) the lease (#585418) * Mon Oct 4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-9 - RFC 3442 - ignore Router option only if Classless Static Routes option contains default router * Thu Sep 30 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-8 - Explicitly clear the ARP cache and flush all addresses & routes instead of bringing the interface down (#574568) * Tue Sep 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-7 - Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #672755 - CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message https://bugzilla.redhat.com/show_bug.cgi?id=672755 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update dhcp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|