SUSE-SU-2016:0540-1

Описание

This update for dhcp fixes the following issues:

• CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)

The following bugs were fixed:

• bsc#936923: Improper lease duration checking
• bsc#880984: Integer overflows in the date and time handling code
• bsc#956159: fixed service files to start dhcpd after slapd
• bsc#960506: Improve exit reason and logging when /sbin/dhclient-script is unable to pre-init requested interface
• bsc#947780: DHCP server could abort with 'Unable to set up timer: out of range' on very long or infinite timer intervals / lease lifetimes
• bsc#912098: dhclient could pretend to run while silently declining leases
• bsc#919959: server: Do not log success report before send reported success
• bsc#928390: dhclient dit not expose next-server DHCPv4 option to script
• bsc#926159: DHCP preferrend and valid lifetime would be logged incorrectly
• bsc#910686: Prevent a dependency conflict of dhcp-devel with bind-devel package

The following tracked changes affect the build of the package only:

• bsc#891961: Disabled /sbin/service legacy-action hooks