
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories


Oracle Linux 7 ELSA-2024-3741 Critical: Bind And DHCP Security Fixes

Oracle Linux Security Advisory ELSA-2024-3741

http://linux.oracle.com/errata/ELSA-2024-3741.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
bind-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-chroot-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-libs-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-export-libs-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-libs-lite-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-license-9.11.4-26.P2.el7_9.16.noarch.rpm
bind-pkcs11-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-pkcs11-utils-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-utils-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-export-devel-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-devel-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-lite-devel-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-sdb-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-sdb-chroot-9.11.4-26.P2.el7_9.16.aarch64.rpm
bind-dyndb-ldap-11.1-7.el7_9.1.aarch64.rpm
dhclient-4.2.5-83.0.3.el7_9.2.aarch64.rpm
dhcp-4.2.5-83.0.3.el7_9.2.aarch64.rpm
dhcp-common-4.2.5-83.0.3.el7_9.2.aarch64.rpm
dhcp-libs-4.2.5-83.0.3.el7_9.2.aarch64.rpm
dhcp-devel-4.2.5-83.0.3.el7_9.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//bind-9.11.4-26.P2.el7_9.16.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates//bind-dyndb-ldap-11.1-7.el7_9.1.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates//dhcp-4.2.5-83.0.3.el7_9.2.src.rpm

Related CVEs:
CVE-2023-4408
CVE-2023-50387
CVE-2023-50868

Description of changes:

bind
[32:9.11.4-26.P2.16]
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387 CVE-2023-50868)
- Add missing design by contract tests to dns_catz*
- Speed up parsing of DNS messages with many different names (CVE-2023-4408)
- Do not use header_prev in expire_lru_headers

bind-dyndb-ldap
[11.1-7.1]
- Rebuild required for BIND changes for KeyTrap change (CVE-2023-50387)

dhcp
[12:4.2.5-83.0.3.2]
- Update bug reporting URL [Orabug: 35496820]
- Direct users to Oracle Linux support site.
[12:4.2.5-83.2]
- Rebuild because of bind ABI changes related to CVE-2023-50387

El-errata mailing list
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle Linux enhancements for bind and dhcp tackle urgent security vulnerabilities, boosting functionality and reliability.

Severity: Critical. LinuxSecurity.com Team

Jun 13, 2024 Critical Oracle

Mageia 6: 2018-0410 Moderate: dhcp Buffer Overflow and DoS Threats

MGASA-2018-0410 - Updated dhcp packages fix security vulnerability

Publication date: 26 Oct 2018
URL: https://advisories.mageia.org/MGASA-2018-0410.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-5732, CVE-2018-5733

Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732).

Reference count overflow in dhcpd allows denial of service (CVE-2018-5733).

References:
- https://bugs.mageia.org/show_bug.cgi?id=22674
- https://kb.isc.org/docs/aa-01565
- https://kb.isc.org/docs/aa-01567
- https://access.redhat.com/errata/RHSA-2018:0483
- https://www.cve.org/CVERecord?id=CVE-2018-5732
- https://www.cve.org/CVERecord?id=CVE-2018-5733

SRPMS:
- 6/core/dhcp-4.3.5-2.1.mga6

Urgent update released for Mageia 6 targeting vulnerabilities in DHCP that may lead to remote code execution and Denial of Service attacks.

LinuxSecurity.com Team

Oct 26, 2018 Mageia

Critical Advisory RHSA-2018:1455-01: Red Hat Enterprise Linux 7.4 DHCP Flaw

Red Hat Security Advisory

Synopsis: Critical: dhcp security update
Advisory ID: RHSA-2018:1455-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1455
Issue date: 2018-05-15
CVE Names: CVE-2018-1111

1. Summary:

An update for dhcp is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, s390x, x86_64

3. Description:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

* A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Red Hat Enterprise Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)

Red Hat would like to thank Felix Wilhelm (Google Security Team) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):

Source:
dhcp-4.2.5-58.el7_4.4.src.rpm

x86_64:
dhclient-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-common-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.i686.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-libs-4.2.5-58.el7_4.4.i686.rpm
dhcp-libs-4.2.5-58.el7_4.4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):

x86_64:
dhcp-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.i686.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-devel-4.2.5-58.el7_4.4.i686.rpm
dhcp-devel-4.2.5-58.el7_4.4.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.4):

Source:
dhcp-4.2.5-58.el7_4.4.src.rpm

ppc64:
dhclient-4.2.5-58.el7_4.4.ppc64.rpm
dhcp-4.2.5-58.el7_4.4.ppc64.rpm
dhcp-common-4.2.5-58.el7_4.4.ppc64.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc64.rpm
dhcp-libs-4.2.5-58.el7_4.4.ppc.rpm
dhcp-libs-4.2.5-58.el7_4.4.ppc64.rpm

ppc64le:
dhclient-4.2.5-58.el7_4.4.ppc64le.rpm
dhcp-4.2.5-58.el7_4.4.ppc64le.rpm
dhcp-common-4.2.5-58.el7_4.4.ppc64le.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc64le.rpm
dhcp-libs-4.2.5-58.el7_4.4.ppc64le.rpm

s390x:
dhclient-4.2.5-58.el7_4.4.s390x.rpm
dhcp-4.2.5-58.el7_4.4.s390x.rpm
dhcp-common-4.2.5-58.el7_4.4.s390x.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.s390.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.s390x.rpm
dhcp-libs-4.2.5-58.el7_4.4.s390.rpm
dhcp-libs-4.2.5-58.el7_4.4.s390x.rpm

x86_64:
dhclient-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-common-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.i686.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-libs-4.2.5-58.el7_4.4.i686.rpm
dhcp-libs-4.2.5-58.el7_4.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.4):

ppc64:
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc64.rpm
dhcp-devel-4.2.5-58.el7_4.4.ppc.rpm
dhcp-devel-4.2.5-58.el7_4.4.ppc64.rpm

ppc64le:
dhcp-debuginfo-4.2.5-58.el7_4.4.ppc64le.rpm
dhcp-devel-4.2.5-58.el7_4.4.ppc64le.rpm

s390x:
dhcp-debuginfo-4.2.5-58.el7_4.4.s390.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.s390x.rpm
dhcp-devel-4.2.5-58.el7_4.4.s390.rpm
dhcp-devel-4.2.5-58.el7_4.4.s390x.rpm

x86_64:
dhcp-debuginfo-4.2.5-58.el7_4.4.i686.rpm
dhcp-debuginfo-4.2.5-58.el7_4.4.x86_64.rpm
dhcp-devel-4.2.5-58.el7_4.4.i686.rpm
dhcp-devel-4.2.5-58.el7_4.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-1111
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/security/vulnerabilities/89cb0ad0-d22b-4c2b-ae2e-6fecd4077c8a

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2018 Red Hat, Inc.
--
RHSA-announce mailing list

Severity: Critical. LinuxSecurity.com Team

May 15, 2018 Critical Red Hat

Red Hat 7.2 RHSA-2018:1457-01 Critical: DHCP Command Injection

Red Hat Security Advisory

Synopsis: Critical: dhcp security update
Advisory ID: RHSA-2018:1457-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1457
Issue date: 2018-05-15
CVE Names: CVE-2018-1111

1. Summary:

An update for dhcp is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server E4S (v. 7.2) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.2) - x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.2) - x86_64

3. Description:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

* A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Red Hat Enterprise Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)

Red Hat would like to thank Felix Wilhelm (Google Security Team) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.2):

Source:
dhcp-4.2.5-42.el7_2.1.src.rpm

x86_64:
dhclient-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-common-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-libs-4.2.5-42.el7_2.1.i686.rpm
dhcp-libs-4.2.5-42.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.2):

Source:
dhcp-4.2.5-42.el7_2.1.src.rpm

x86_64:
dhclient-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-common-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-libs-4.2.5-42.el7_2.1.i686.rpm
dhcp-libs-4.2.5-42.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.2):

Source:
dhcp-4.2.5-42.el7_2.1.src.rpm

x86_64:
dhclient-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-common-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-libs-4.2.5-42.el7_2.1.i686.rpm
dhcp-libs-4.2.5-42.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.2):

x86_64:
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-devel-4.2.5-42.el7_2.1.i686.rpm
dhcp-devel-4.2.5-42.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.2):

x86_64:
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-devel-4.2.5-42.el7_2.1.i686.rpm
dhcp-devel-4.2.5-42.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.2):

x86_64:
dhcp-debuginfo-4.2.5-42.el7_2.1.i686.rpm
dhcp-debuginfo-4.2.5-42.el7_2.1.x86_64.rpm
dhcp-devel-4.2.5-42.el7_2.1.i686.rpm
dhcp-devel-4.2.5-42.el7_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-1111
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/security/vulnerabilities/89cb0ad0-d22b-4c2b-ae2e-6fecd4077c8a

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2018 Red Hat, Inc.
--
RHSA-announce mailing list

Important security patch for Red Hat Enterprise Linux 7.2 resolves command injection vulnerability to improve network protection.

Severity: Critical. LinuxSecurity.com Team

May 15, 2018 Critical Red Hat

Red Hat Enterprise: RHSA-2018-1461-01 Critical Command Injection Warning

Red Hat Security Advisory

Synopsis: Critical: dhcp security update
Advisory ID: RHSA-2018:1461-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1461
Issue date: 2018-05-15
CVE Names: CVE-2018-1111

1. Summary:

An update for dhcp is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64

3. Description:

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

* A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Red Hat Enterprise Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)

Red Hat would like to thank Felix Wilhelm (Google Security Team) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.4):

Source:
dhcp-4.1.1-34.P1.el6_4.2.src.rpm

x86_64:
dhclient-4.1.1-34.P1.el6_4.2.x86_64.rpm
dhcp-4.1.1-34.P1.el6_4.2.x86_64.rpm
dhcp-common-4.1.1-34.P1.el6_4.2.x86_64.rpm
dhcp-debuginfo-4.1.1-34.P1.el6_4.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.4):

Source:
dhcp-4.1.1-34.P1.el6_4.2.src.rpm

x86_64:
dhcp-debuginfo-4.1.1-34.P1.el6_4.2.i686.rpm
dhcp-debuginfo-4.1.1-34.P1.el6_4.2.x86_64.rpm
dhcp-devel-4.1.1-34.P1.el6_4.2.i686.rpm
dhcp-devel-4.1.1-34.P1.el6_4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-1111
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/security/vulnerabilities/89cb0ad0-d22b-4c2b-ae2e-6fecd4077c8a

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2018 Red Hat, Inc.
--
RHSA-announce mailing list

Severity: Critical. LinuxSecurity.com Team

May 15, 2018 Critical Red Hat