File _patchinfo of Package patchinfo.import5081

<patchinfo incident="dhcp" version="5081">
  <issue tracker="bnc" id="712653" />
  <issue tracker="bnc" id="700771" />
  <issue tracker="bnc" id="712438" />
  <issue tracker="bnc" id="711420" />
  <issue tracker="bnc" id="714004" />
  <issue tracker="CVE" id="CVE-2011-2748" />
  <issue tracker="CVE" id="CVE-2011-2749" />
  <category>security</category>
  <rating>low</rating>
  <summary>dhcp: Fixed two denial of service flaws and some bugs</summary>
  <description>This update of dhcp fixes two Denial of Service
(CVE-2011-2748, CVE-2011-2749) vulnerabilities caused by
specially crafted BOOTP packets.

Also following bugs were fixed:
- Moved server pid files into chroot directory even chroot
  is not used and create a link in /var/run, so it can
  write one when started as user without chroot and avoid
  stop problems when the chroot sysconfig setting changed
  (bnc#712438).
- Fixed dhclient-script to not remove alias IP when it
  didn't changed to not wipe out iptables connmark when
  renewing the lease (bnc#700771). Thanks to James Carter
  for the patch.
- Removed GPL licensed files (bind-*/contrib/dbus) from
  bind.tgz to ensure, they're not used to build non-GPL
  dhcp.
- Disabled log-info level messages in dhclient(6) quiet
  mode to avoid excessive logging of non-critical messages
  (bnc#711420).
</description>
  <packager>adrianSuSE</packager>
</patchinfo>