Security update for dhcp
This update for dhcp fixes the following issues:
Security issue fixed:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used
by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
Non security issues fixed:
- Rename freeaddrinfo(), getaddrinfo() and getnameinfo() in the internal libirs
library that does not consider /etc/hosts and /etc/nsswitch.conf to use irs_
prefix. This prevents name conflicts which would result in overriding standard
glibc functions used by libldap. (bsc#972907)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
-
Submitted by
Nirmoy Das (ndas)
Fixed bugs
bnc#972907
dhcpd won't use /etc/hosts to resolve name of ldap-server
bnc#969820
VUL-1: CVE-2016-2774: dhcp: denial of service on IPC TCP ports
CVE-2016-2774
VUL-1: CVE-2016-2774: dhcp: denial of service on IPC TCP ports
