FL 7.3: dhcp 2.x CAN-2004-1006
Charles R. Anderson
cra at WPI.EDU
Tue Nov 9 01:07:41 UTC 2004
Red Hat Linux 7.3 is affected. See bugzilla:
https://bugzilla.fedora.us/show_bug.cgi?id=2251
----- Forwarded message from "David W. Hankins" <David_Hankins at isc.org> -----
From: "David W. Hankins" <David_Hankins at isc.org>
To: dhcp-announce at isc.org
Date: Mon, 8 Nov 2004 16:33:45 -0800
Subject: dhcp-2 Security Announcement
Message-ID: <20041109003345.GG763 at isc.org>
Precedence: bulk
Reply-To: dhcp-server at isc.org
*** From dhcp-announce -- To unsubscribe, see the end of this message. ***
Debian has recently distributed a security advisory on the dhcp-2.0pl5
package they distribute. You can read about that here:
http://www.debian.org/security/2004/dsa-584
The following versions of ISC DHCP are vulnerable:
dhcp-2.0: All versions are vulnerable.
dhcp-3.0: dhcp-3.0b1pl17 and previous versions are vulnerable.
All users of these versions should upgrade to the latest dhcp-3
release, currently dhcp-3.0.1.
Note: If for some reason upgrading from dhcp-2 is not possible, you
may also consider applying this patch:
ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch
ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch.asc
But users are strongly advised to make the upgrade to dhcp-3 now.
--
David W. Hankins "If you don't do it right the first time,
Operations Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
-----------------------------------------------------------------------
To unsubscribe from this list, visit http://www.isc.org/dhcp-lists.html
or send mail to dhcp-announce-request at isc.org with the subject line of
'unsubscribe'.
-----------------------------------------------------------------------
----- End forwarded message -----
More information about the fedora-legacy-list
mailing list