--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-11079
2012-07-26 03:22:43
--------------------------------------------------------------------------------
Name : dhcp
Product : Fedora 17
Version : 4.2.4
Release : 9.P1.fc17
URL : http://isc.org/products/DHCP/
Summary : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network.
To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon. The dhcp package provides
the ISC DHCP service and relay agent.
--------------------------------------------------------------------------------
Update Information:
This is security bugfix release fixing several vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 27 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-9.P1
- isc_time_nowplusinterval() is not safe with 64-bit time_t (#662254, #789601)
* Wed Jul 25 2012 Tomas Hozza <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-8.P1
- Dhclient does not correctly parse zero-length options in
dhclient6.leases (#633318)
* Wed Jul 25 2012 Tomas Hozza <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-7.P1
- 4.2.4-P1: fix for CVE-2012-3570 CVE-2012-3571 and CVE-2012-3954 (#842892)
* Mon Jul 23 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-6
- ib.patch: added fall-back method (using ioctl(SIOCGIFHWADDR)) when getting
of HW address with getifaddrs() fails (#626514-c#63, #840601).
* Mon Jul 23 2012 Tomas Hozza <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-5
- Dhcpd does not correctly follow DhcpFailOverPeerDN (#838400)
* Wed Jul 18 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-4
- allow dhcpd to listen on alias interfaces (#840601)
* Mon Jul 9 2012 Tomas Hozza <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-3
- changed list of %verify on the leases files (#837474)
* Mon Jun 18 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-2
- define $SAVEDIR in dhclient-script (#833054)
* Wed Jun 6 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-1
- 4.2.4
* Tue Jun 5 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-0.8.rc2
- return prematurely removed 12-dhcpd (NM dispatcher script) (#828522)
* Fri May 25 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-0.7.rc2
- getifaddrs.patch: use HAVE_SA_LEN macro
* Wed May 23 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-0.6.rc2
- 4.2.4rc2
* Mon May 7 2012 Jiri Popelka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 12:4.2.4-0.5.rc1
- dhcpd.service: explicitly add -cf to indicate what conf file we use (#819325)
- no need to copy /etc/*.conf to /etc/dhcp/*.conf in %prep anymore
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #842420 - CVE-2012-3571 dhcp: DoS due to error in handling malformed
client identifiers
https://bugzilla.redhat.com/show_bug.cgi?id=842420
[ 2 ] Bug #842424 - CVE-2012-3570 dhcp: DoS in DHCPv6 due to error in handling
malformed client identifiers
https://bugzilla.redhat.com/show_bug.cgi?id=842424
[ 3 ] Bug #842428 - CVE-2012-3954 dhcp: two memory leaks may result in DoS
https://bugzilla.redhat.com/show_bug.cgi?id=842428
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke