File _patchinfo of Package patchinfo
<patchinfo incident="dhcp">
  <packager>lijews</packager>
  <issue tracker="cve" id="CVE-2013-2266"></issue>
  <issue tracker="bnc" id="783002">Standard firewall blocks IPv6 UDP ports 546 and 5353</issue>
  <issue tracker="bnc" id="784640">DHCP Server fails to start up if more than one Services are associated with it.</issue>
  <issue tracker="bnc" id="788787">dhcpd truncates dhcpStatements attribute to circa 8K when loading the configuration from LDAP</issue>
  <issue tracker="bnc" id="791280">MTU only at 576 with cable internet provider via dhcp (eth0) - regression in iscdhcpclient?</issue>
  <issue tracker="bnc" id="791289">dhcpd 4.x fails to start with error "Not configured to listen on any interfaces!" when only an alias interface has been configured</issue>
  <issue tracker="bnc" id="794578">ISC dhcpd dies with SIGPIPE</issue>
  <issue tracker="bnc" id="811934">VUL-0: CVE-2013-2266: dhcp: DHCP 4.2.5-P1 update to fix one security issue</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>dhcp: fixed remote denial of service attack</summary>
  <description>The ISC dhcp server was updated to fix a denial of service attack via regular expressions:

- Removed regex.h check from configure in bind sources (bnc#811934, CVE-2013-2266). Made the bind export library build output visible.

Also fixed:

- Added dhcp6-server service template for SuSEfirewall2 (bnc#783002).
- Applied a patch to ignore SIGPIPE instead of dying in socket code before the errno==EPIPE checks are reached (bnc#794578, upstream report [ISC-Bugs #32222]).
- Applied several obvious memleak and segfault fixes from 4.2.5rc1 and a correction of code to calculate timing values in dhcpv6 client to compare rebind value to infinity instead of renew (bnc#794578).
- Fixed discovery of interfaces which have only addresses with a label assigned (linux 2.0 "alias interfaces" compatibility) by switching to use getifaddrs() as on BSD (bnc#791289, reported upstream as [ISC-Bugs #31992]).
- Fixed parse buffer handling code to avoid truncation of config > ~8k from bigger ldap objects. Fixed to free the ldap config buffer passed to the config parser and append new config while the parser is in saved state (bnc#788787).
- Fixed subclass name-ref and data quoting/escaping (bnc#788787).
- Fixed memory leaks on ldap_read_config errors (bnc#788787).
- Fixed dhclient-script to discard MTU values lower than or equal to 576 rather than only those lower than 576 (bnc#791280).
- dhcp-ldap: fixed a memleak while subnet range processing, fixed to reset bufix variable in ldap_read_function to 0 and to set buflen to the complete length (do not discard last character, usually \n). This caused a parsing error on a further run of the function, e.g. while processing the second dhcpService container that the dhcpServer object may refer to (bnc#784640).
</description>
</patchinfo>