Login
Newsletter
Werbung
Sicherheit: Denial of Service in dhcp
Aktuelle Meldungen Distributionen
Name: Denial of Service in dhcp
ID: FEDORA-2011-0862
Distribution: Fedora
Plattformen: Fedora 14
Datum: Di, 1. Februar 2011, 23:07
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413
Applikationen: ISC DHCP

Originalnachricht

 
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-0862
2011-01-28 18:50:50
-------------------------------------------------------------------------------
-

Name        : dhcp
Product     : Fedora 14
Version     : 4.2.0
Release     : 19.P2.fc14
URL         : http://isc.org/products/DHCP/
Summary     : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network.  The dhcp package includes the
ISC DHCP service and relay agent.

To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon.  The dhcp package provides
the ISC DHCP service and relay agent.

-------------------------------------------------------------------------------
-
Update Information:

A flaw was discovered in the way the dhcpd daemon processed a message for an
 address that had been previously declined and internally tagged as abandoned. Processing such a message could trigger an assert failure that could crash dhcpd if it was running as a DHCPv6 server. DHCPv4 servers are unaffected. (CVE-2011-0413)
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Jan 27 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-19.P2
- CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672996)
* Thu Jan 13 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-18.P2
- Fix loading of configuration when LDAP is used (#668276)
* Mon Jan  3 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-17.P2
- Fix OMAPI (#666441)
* Mon Dec 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-16.P2
- 4.2.0-P2: fix for CVE-2010-3616 (#662326)
- Use upstream fix for #628258
* Tue Nov  9 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-15.P1
- Applied Patrik Lahti's patch for DHCPv6 over PPP support (#626514)
* Fri Nov  5 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-14.P1
- fix broken dependencies
* Thu Nov  4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-13.P1
- 4.2.0-P1: fix for CVE-2010-3611 (#649880)
- dhclient-script: when updating 'search' statement in resolv.conf,
  add domain part of hostname if it's not already there (#637763)
* Wed Oct 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-12
- Server was ignoring client's
  Solicit (where client included address/prefix as a preference) (#634842)
* Thu Oct  7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-11
- Use ping instead of arping in dhclient-script to handle
  not-on-local-net gateway in ARP-less device (#524298)
* Thu Oct  7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-10
- Check whether there is any unexpired address in previous lease
  prior to confirming (INIT-REBOOT) the lease (#585418)
* Mon Oct  4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-9
- RFC 3442 - ignore Router option only if
  Classless Static Routes option contains default router
* Thu Sep 30 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-8
- Explicitly clear the ARP cache and flush all addresses & routes
  instead of bringing the interface down (#574568)
* Tue Sep  7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-7
- Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #672755 - CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6
 decline message
        https://bugzilla.redhat.com/show_bug.cgi?id=672755
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung