Описание
Security update for dhcp
This update for dhcp fixes several issues.
This security issue was fixed:
- CVE-2017-3144: OMAPI code didn't free socket descriptors when empty message is received allowing DoS (bsc#1076119).
These non-security issues were fixed:
- Optimized if and when DNS client context and ports are initted (bsc#1073935)
- Relax permission of dhclient-script for libguestfs (bsc#987170)
- Modify dhclient-script to handle static route updates (bsc#1023415).
- Use only the 12 least significant bits of an inbound packet's TCI value as the VLAN ID to fix some packages being wrongly discarded by the Linux packet filter. (bsc#1059061)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Список пакетов
openSUSE Leap 42.3
dhcp-4.3.3-11.3.1
dhcp-client-4.3.3-11.3.1
dhcp-devel-4.3.3-11.3.1
dhcp-doc-4.3.3-11.3.1
dhcp-relay-4.3.3-11.3.1
dhcp-server-4.3.3-11.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0537-1
- SUSE Security Ratings
Описание
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
Затронутые продукты
openSUSE Leap 42.3:dhcp-4.3.3-11.3.1
openSUSE Leap 42.3:dhcp-client-4.3.3-11.3.1
openSUSE Leap 42.3:dhcp-devel-4.3.3-11.3.1
openSUSE Leap 42.3:dhcp-doc-4.3.3-11.3.1
Ссылки
- CVE-2017-3144
- SUSE Bug 1076118
- SUSE Bug 1076119