- Merged package from openSUSE-12.1 with update to ISC dhcp-4.2.4-P1
release, providing following security fixes (bnc#772924):
- Previously the server code was relaxed to allow packets with zero
length client ids to be processed. Under some situations use of
zero length client ids can cause the server to go into an infinite
loop. As such ids are not valid according to RFC 2132 section 9.14
the server no longer accepts them. Client ids with a length of 1
are also invalid but the server still accepts them in order to
minimize disruption. The restriction will likely be tightened in
the future to disallow ids with a length of 1.
Thanks to Markus Hietava of Codenomicon CROSS project for the
finding this issue and CERT-FI for vulnerability coordination.
[ISC-Bugs #29851] CVE: CVE-2012-3571
- When attempting to convert a DUID from a client id option
into a hardware address handle unexpected client ids properly.
Thanks to Markus Hietava of Codenomicon CROSS project for the
finding this issue and CERT-FI for vulnerability coordination.
[ISC-Bugs #29852] CVE: CVE-2012-3570
- A pair of memory leaks were found and fixed. Thanks to Glen
Eustace of Massey University, New Zealand for finding this issue.
[ISC-Bugs #30024] CVE: CVE-2012-3954
- Update to ISC dhcp-4.2.4 release, fixing a dhcpv6 server assert
crash while accessing lease on heap (bnc#767661) and other issues.
Please read the RELNOTES file for complete list of changes.
- Replaced our patches with a complete and upstream verified patch:
- Fix some issues in the code for parsing and printing options.
[ISC-Bugs #27314] - properly parse a zero length option from
a lease file.
[ISC-Bugs #22796] - properly determine if we parsed a 16 or
32 bit value in evaluate_numeric_expression (extract-int).