drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in dhcp
| Name: |
Ausführen beliebiger Kommandos in dhcp |
|
| ID: |
FEDORA-2011-4897 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 14 |
|
| Datum: |
Mi, 13. April 2011, 09:02 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 |
|
| Applikationen: |
ISC DHCP |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-4897
2011-04-06 21:48:22
-------------------------------------------------------------------------------
-
Name : dhcp
Product : Fedora 14
Version : 4.2.0
Release : 21.P2.fc14
URL : http://isc.org/products/DHCP/
Summary : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
ISC DHCP service and relay agent.
To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon. The dhcp package provides
the ISC DHCP service and relay agent.
-------------------------------------------------------------------------------
-
Update Information:
This is a SECURITY release of ISC DHCP, which fixes one security
related bug (CVE-2011-0997) in dhclient.
-------------------------------------------------------------------------------
-
ChangeLog:
* Wed Apr 6 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-21.P2
- Better fix for CVE-2011-0997: making domain-name check more lenient (#694005)
* Wed Apr 6 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-20.P2
- CVE-2011-0997
dhclient: insufficient sanitization of certain DHCP response values (#694005)
* Thu Jan 27 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-19.P2
- CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672996)
* Thu Jan 13 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-18.P2
- Fix loading of configuration when LDAP is used (#668276)
* Mon Jan 3 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-17.P2
- Fix OMAPI (#666441)
* Mon Dec 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-16.P2
- 4.2.0-P2: fix for CVE-2010-3616 (#662326)
- Use upstream fix for #628258
* Tue Nov 9 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-15.P1
- Applied Patrik Lahti's patch for DHCPv6 over PPP support (#626514)
* Fri Nov 5 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-14.P1
- fix broken dependencies
* Thu Nov 4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-13.P1
- 4.2.0-P1: fix for CVE-2010-3611 (#649880)
- dhclient-script: when updating 'search' statement in resolv.conf,
add domain part of hostname if it's not already there (#637763)
* Wed Oct 13 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-12
- Server was ignoring client's
Solicit (where client included address/prefix as a preference) (#634842)
* Thu Oct 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-11
- Use ping instead of arping in dhclient-script to handle
not-on-local-net gateway in ARP-less device (#524298)
* Thu Oct 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-10
- Check whether there is any unexpired address in previous lease
prior to confirming (INIT-REBOOT) the lease (#585418)
* Mon Oct 4 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-9
- RFC 3442 - ignore Router option only if
Classless Static Routes option contains default router
* Thu Sep 30 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-8
- Explicitly clear the ARP cache and flush all addresses & routes
instead of bringing the interface down (#574568)
* Tue Sep 7 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.0-7
- Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #689832 - CVE-2011-0997 dhclient: insufficient sanitization of
certain DHCP response values
https://bugzilla.redhat.com/show_bug.cgi?id=689832
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
