Overview

File _patchinfo of Package patchinfo.1900

<patchinfo incident="1900">
  <issue id="960506" tracker="bnc">/sbin/dhclient-script: unable to pre-init requested interface eth0</issue>
  <issue id="956159" tracker="bnc">systemd dhcpd service start fails because LDAP server not ready</issue>
  <issue id="936923" tracker="bnc">L3-Question: maximum  dhcpd lease duration time not RFC2131 compliant</issue>
  <issue id="961305" tracker="bnc">VUL-0: CVE-2015-8605: dhcp: UDP payload length not properly checked enabling DoS</issue>
  <issue id="880984" tracker="bnc">DHCP unable to write to leases unless deleted first</issue>
  <issue id="CVE-2015-8605" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>ndas</packager>
  <description>
This update for dhcp fixes the following issues:

- CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)

The following bugs were fixed:

- bsc#936923: Improper lease duration checking
- bsc#880984: Integer overflows in the date and time handling code
- bsc#956159: fixed service files to start dhcpd after slapd
- bsc#960506: Improve exit reason and logging when /sbin/dhclient-script is unable to pre-init requested interface
</description>
  <summary>Security update for dhcp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places