[SECURITY] Fedora 10 Update: dhcp-4.0.0-37.fc10
updates at fedoraproject.org
updates at fedoraproject.org
Tue Aug 25 22:12:17 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8344
2009-08-07 04:36:20
--------------------------------------------------------------------------------
Name : dhcp
Product : Fedora 10
Version : 4.0.0
Release : 37.fc10
URL : http://isc.org/products/DHCP/
Summary : DHCP (Dynamic Host Configuration Protocol) server and relay agent
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
ISC DHCP service and relay agent.
To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon. The dhcp package provides
the ISC DHCP service and relay agent.
--------------------------------------------------------------------------------
Update Information:
This update to the dhcp package includes fixes for CVE-2009-0692 and
CVE-2009-1892. More information on these issues are available here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 Note:
CVE-2009-0692 had no security consequences on Fedora, thanks to the use of
FORTIFY_SOURCE
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 5 2009 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-37
- Fix for CVE-2009-0692
- Fix for CVE-2009-1892 (#511834)
* Fri Jun 26 2009 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-36
- Fix SELinux denials in dhclient-script when the script makes backup
configuration files and restores them later (#483747)
* Mon Apr 20 2009 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-35
- Make dhclient-script work with pre-configured wireless interfaces (#491157)
* Thu Apr 16 2009 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-34
- Fix setting default route when client IP address changes (#486512, #473658)
- Restore SELinux context on /etc/ntp.conf and /etc/yp.conf (#483747)
- 'reload' and 'try-restart' on dhcpd and dhcrelay init scripts
will display usage information and return code 3
* Wed Dec 3 2008 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-33
- Do not calculate a prefix for an address we did not receive (#473885)
* Tue Nov 11 2008 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-32
- Correctly source ifcfg-DEVICE files (#470928)
- Honor $keep_old_ip in dhclient-script (#471127)
* Wed Oct 29 2008 David Cantrell <dcantrell at redhat.com> - 12:4.0.0-31
- Use O_CLOEXEC in open(2) calls and "e" mode in fopen(3) calls, build
with -D_GNU_SOURCE so we pick up O_CLOEXEC (#468984)
- Add missing prototype for validate_port() in common/inet.c
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #511834 - CVE-2009-1892 dhcp: DoS/abort in some configs with client-identifier and hardware address host specifications
https://bugzilla.redhat.com/show_bug.cgi?id=511834
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list