openSUSE-SU-2016:0610-1

Опубликовано: 29 фев. 2016

Источник: suse-cvrf

Описание

Security update for dhcp

This update for dhcp fixes the following issues:

CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)

The following bugs were fixed:

bsc#936923: Improper lease duration checking
bsc#880984: Integer overflows in the date and time handling code
bsc#956159: fixed service files to start dhcpd after slapd
bsc#960506: Improve exit reason and logging when /sbin/dhclient-script is unable to pre-init requested interface

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Список пакетов

openSUSE Leap 42.1

dhcp-4.3.3-4.1

dhcp-client-4.3.3-4.1

dhcp-devel-4.3.3-4.1

dhcp-doc-4.3.3-4.1

dhcp-relay-4.3.3-4.1

dhcp-server-4.3.3-4.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-02/msg00168.html
E-Mail link for openSUSE-SU-2016:0610-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

Затронутые продукты

openSUSE Leap 42.1:dhcp-4.3.3-4.1

openSUSE Leap 42.1:dhcp-client-4.3.3-4.1

openSUSE Leap 42.1:dhcp-devel-4.3.3-4.1

openSUSE Leap 42.1:dhcp-doc-4.3.3-4.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8605.html
CVE-2015-8605
https://bugzilla.suse.com/961305
SUSE Bug 961305

openSUSE-SU-2016:0610-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-8605

Описание

Затронутые продукты

Ссылки