
Fedora 10: 2009-8344 Moderate Update Resolves DHCP DoS Vulnerabilities

August 25, 2009
The latest patch addresses security weaknesses in the DHCP protocol, enhancing Fedora 10's network stability and protecting user data.
This update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892.

Summary

DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnet mask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the ISC DHCP service and relay agent.

To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent.

Update Information:

This update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892. More information on these issues is available here:

https://www.cve.org/CVERecord?id=CVE-2009-0692
https://www.cve.org/CVERecord?id=CVE-2009-1892

Note: CVE-2009-0692 had no security consequences on Fedora, thanks to the use of FORTIFY_SOURCE.

Change Log

* Wed Aug 5 2009 David Cantrell - 12:4.0.0-37
- Fix for CVE-2009-0692
- Fix for CVE-2009-1892 (#511834)

* Fri Jun 26 2009 David Cantrell - 12:4.0.0-36
- Fix SELinux denials in dhclient-script when the script makes backup configuration files and restores them later (#483747)

* Mon Apr 20 2009 David Cantrell - 12:4.0.0-35
- Make dhclient-script work with pre-configured wireless interfaces (#491157)

* Thu Apr 16 2009 David Cantrell - 12:4.0.0-34
- Fix setting default route when client IP address changes (#486512, #473658)
- Restore SELinux context on /etc/ntp.conf and /etc/yp.conf (#483747)
- 'reload' and 'try-restart' on dhcpd and dhcrelay init scripts will display usage information and return code 3

* Wed Dec 3 2008 David Cantrell - 12:4.0.0-33
- Do not calculate a prefix for an address we did not receive (#473885)

* Tue Nov 11 2008 David Cantrell - 12:4.0.0-32
- Correctly source ifcfg-DEVICE files (#470928)
- Honor $keep_old_ip in dhclient-script (#471127)

* Wed Oct 29 2008 David Cantrell - 12:4.0.0-31
- Use O_CLOEXEC in open(2) calls and "e" mode in fopen(3) calls, build with -D_GNU_SOURCE so we pick up O_CLOEXEC (#468984)
- Add missing prototype for validate_port() in common/inet.c

References


[ 1 ] Bug #511834 - CVE-2009-1892 dhcp: DoS/abort in some configs with client-identifier and hardware address host specifications https://bugzilla.redhat.com/show_bug.cgi?id=511834

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update dhcp' at the command line. For more information, refer to "Managing Software with yum", available at .
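
After updating, the package changelog can be checked for the two fixes named above. The script below is an added example, not part of the Fedora advisory; the function names and the sample changelog text are constructed for illustration, and `check_installed_dhcp` assumes `rpm` is available on the host.

```shell
#!/bin/sh
# Added example (not from the advisory): confirm that a dhcp package changelog
# records the fixes this advisory names.

ADVISORY_CVES="CVE-2009-0692 CVE-2009-1892"   # CVE ids taken from the advisory

# Read a changelog on stdin; print the advisory CVEs it does not mention,
# space separated. Prints nothing when every fix is recorded.
missing_cves() {
    changelog=$(cat)
    missing=""
    for cve in $ADVISORY_CVES; do
        # -F: literal match, -w: whole token, so a longer id cannot match
        if ! printf '%s\n' "$changelog" | grep -qFw -- "$cve"; then
            missing="${missing:+$missing }$cve"
        fi
    done
    printf '%s' "$missing"
}

# Check the installed package. Returns 0 = fixes present, 1 = fixes missing,
# 2 = dhcp is not installed (nothing to update on this host).
check_installed_dhcp() {
    rpm -q dhcp >/dev/null 2>&1 || return 2
    gaps=$(rpm -q --changelog dhcp | missing_cves)
    [ -z "$gaps" ] && return 0
    echo "dhcp changelog lacks: $gaps" >&2
    return 1
}

# Constructed sample input modelled on the Change Log section above.
CHANGELOG_37='* Wed Aug 5 2009 David Cantrell - 12:4.0.0-37
- Fix for CVE-2009-0692
- Fix for CVE-2009-1892 (#511834)'
CHANGELOG_36='* Fri Jun 26 2009 David Cantrell - 12:4.0.0-36
- Fix SELinux denials in dhclient-script (#483747)'

echo "4.0.0-37 missing: [$(printf '%s\n' "$CHANGELOG_37" | missing_cves)]"
echo "4.0.0-36 missing: [$(printf '%s\n' "$CHANGELOG_36" | missing_cves)]"
```

On a Fedora 10 host, call `check_installed_dhcp` and inspect its return code; a result of 1 means the installed dhcp build predates 4.0.0-37.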

Name: dhcp
Product: Fedora 10
Version: 4.0.0
Release: 37.fc10
URL:
Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent
