Security update for dhcp
This update for dhcp fixes the following issues:
- CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)
The following bugs were fixed:
- bsc#936923: Improper lease duration checking
- bsc#880984: Integer overflows in the date and time handling code
- bsc#956159: fixed service files to start dhcpd after slapd
- bsc#960506: Improve exit reason and logging when /sbin/dhclient-script is unable to pre-init requested interface
This update was imported from the SUSE:SLE-12-SP1:Update update project.
-
Submitted by
Nirmoy Das (ndas)
Fixed bugs
bnc#960506
/sbin/dhclient-script: unable to pre-init requested interface eth0
bnc#956159
systemd dhcpd service start fails because LDAP server not ready
bnc#936923
L3-Question: maximum dhcpd lease duration time not RFC2131 compliant
bnc#961305
VUL-0: CVE-2015-8605: dhcp: UDP payload length not properly checked enabling DoS
bnc#880984
DHCP unable to write to leases unless deleted first