Описание
ELSA-2025-21038: kea security update (IMPORTANT)
[3.0.1-2]
- Fixes CVE-2025-11232
[3.0.1-1]
- New version 3.0.1
- Fixes CVE-2025-40779
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
kea-doc
3.0.1-2.el10_1
kea-hooks
3.0.1-2.el10_1
kea
3.0.1-2.el10_1
kea-libs
3.0.1-2.el10_1
kea-keama
3.0.1-2.el10_1
Oracle Linux x86_64
kea-doc
3.0.1-2.el10_1
kea-hooks
3.0.1-2.el10_1
kea
3.0.1-2.el10_1
kea-libs
3.0.1-2.el10_1
kea-keama
3.0.1-2.el10_1
Связанные CVE
Связанные уязвимости
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
To trigger the issue, three configuration parameters must have specifi ...
