The ISC dhcp server was updated to fix a denial of service attack via regular
- Removed regex.h check from configure in bind sources (bnc#811934,CVE-2013-2266). Make the bind export library build output visible.
- Added dhcp6-server service template for SuSEfirewall2 (bnc#783002)
- Applied a patch to ignore SIGPIPE instead to die in socket code before the errno==EPIPE checks are reached (bnc#794578, upstream report [ISC-Bugs #32222])
- Applied several obvious memleak and segfault fixes from 4.2.5rc1 and a correction of code to calculate timing values in dhcpv6 client to compare rebind value to infinity instead of renew(bnc#794578).
- Fixed discovery of interfaces, which have only addresses with a label assigned (linux 2.0 "alias interfaces" compatibility) by switching to use the getifaddrs() as on BSD (bnc#791289, reported upstream as [ISC-Bugs #31992]).
- Fixed parse buffer handling code to not avoid truncation of config > ~8k from bigger ldap objects. Fixed to free the ldap config buffer passed to the config parser and append new config, while the parser is in saved state (bnc#788787).
- Fixed subclass name-ref and data quoting/escaping (bnc#788787).
- Fixed memory leaks on ldap_read_config errors (bnc#788787).
- Fixed dhclient-script to discard MTU lower-equal 576 rather than lower-than (bnc#791280).
- dhcp-ldap: fixed a memleak while subnet range processing, fixed to reset bufix variable in ldap_read_function to 0 and to set buflen to the complete length (do not discard last character, usually \n). This caused a parsing error at further run of the function, e.g. while processing the second dhcpService container that the dhcpServer objectmay refer to (bnc#784640).
- Submitted by Stefan Lijewski (lijews)