An update has been released for the dhcp software package for the Fedora 14 operating system. Dhcp is a software package that implements the DHCP protocol (Dynamic Host Configuration Protocol). The update fixes several security flaws, such as improper filtering of certain values in DHCP response packets and a possible NULL pointer dereference. Remote malicious users can exploit these flaws to launch a denial-of-service attack or to execute arbitrary program code. All users are advised to apply the update.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-4897
2011-04-06 21:48:22
--------------------------------------------------------------------------------

Name        : dhcp
Product     : Fedora 14
Version     : 4.2.0
Release     : 21.P2.fc14
URL         : http://isc.org/products/DHCP/
Summary     : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network.  The dhcp package includes the
ISC DHCP service and relay agent.

To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon.  The dhcp package provides
the ISC DHCP service and relay agent.

--------------------------------------------------------------------------------
Update Information:

This is a SECURITY release of ISC DHCP, which fixes one security
related bug (CVE-2011-0997) in dhclient.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  6 2011 Jiri Popelka - 12:4.2.0-21.P2
- Better fix for CVE-2011-0997: making domain-name check more lenient
(#694005)
* Wed Apr  6 2011 Jiri Popelka - 12:4.2.0-20.P2
- CVE-2011-0997
  dhclient: insufficient sanitization of certain DHCP response values
(#694005)
* Thu Jan 27 2011 Jiri Popelka - 12:4.2.0-19.P2
- CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672996)
* Thu Jan 13 2011 Jiri Popelka - 12:4.2.0-18.P2
- Fix loading of configuration when LDAP is used (#668276)
* Mon Jan  3 2011 Jiri Popelka - 12:4.2.0-17.P2
- Fix OMAPI (#666441)
* Mon Dec 13 2010 Jiri Popelka - 12:4.2.0-16.P2
- 4.2.0-P2: fix for CVE-2010-3616 (#662326)
- Use upstream fix for #628258
* Tue Nov  9 2010 Jiri Popelka - 12:4.2.0-15.P1
- Applied Patrik Lahti's patch for DHCPv6 over PPP support (#626514)
* Fri Nov  5 2010 Jiri Popelka - 12:4.2.0-14.P1
- fix broken dependencies
* Thu Nov  4 2010 Jiri Popelka - 12:4.2.0-13.P1
- 4.2.0-P1: fix for CVE-2010-3611 (#649880)
- dhclient-script: when updating 'search' statement in resolv.conf,
  add domain part of hostname if it's not already there (#637763)
* Wed Oct 13 2010 Jiri Popelka - 12:4.2.0-12
- Server was ignoring client's
  Solicit (where client included address/prefix as a preference) (#634842)
* Thu Oct  7 2010 Jiri Popelka - 12:4.2.0-11
- Use ping instead of arping in dhclient-script to handle
  not-on-local-net gateway in ARP-less device (#524298)
* Thu Oct  7 2010 Jiri Popelka - 12:4.2.0-10
- Check whether there is any unexpired address in previous lease
  prior to confirming (INIT-REBOOT) the lease (#585418)
* Mon Oct  4 2010 Jiri Popelka - 12:4.2.0-9
- RFC 3442 - ignore Router option only if
  Classless Static Routes option contains default router
* Thu Sep 30 2010 Jiri Popelka - 12:4.2.0-8
- Explicitly clear the ARP cache and flush all addresses & routes
  instead of bringing the interface down (#574568)
* Tue Sep  7 2010 Jiri Popelka - 12:4.2.0-7
- Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #689832 - CVE-2011-0997 dhclient: insufficient sanitization of
certain DHCP response values
        https://bugzilla.redhat.com/show_bug.cgi?id=689832
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce
