An update that fixes two vulnerabilities is now available.
This update for wicked fixes the following issues:
- CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option (bsc#1160904). - CVE-2020-7217: Fixed a memory leak in DHCP4 fsm when processing packets for other client ids (bsc#1160906).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: