update for dhcp
- Applied security fix for a DoS due to processing certain regular
expressions, extracted from 4.2.3-P1 (bnc#735610, CVE-2011-4539):
* Add a check for a null pointer before calling the regexec function.
Without out this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]
-
Submitted by
Marius Tomaschewski (mtomaschewski)
Fixed bugs
bnc#735610
VUL-0: CVE-2011-4539: dhcp: DoS due to processing certain regular expressions
CVE-CVE-2011-4539
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
