UbuntuUpdates.org

Package "isc-dhcp"

Name: isc-dhcp

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • ISC DHCP development files (transitional package)
  • ISC DHCP client
  • ISC DHCP client (debugging symbols)
  • common files used by all the isc-dhcp* packages

Latest version: 4.1.ESV-R4-0ubuntu5.13
Release: precise (12.04)
Level: security
Repository: main

Links



Other versions of "isc-dhcp" in Precise

Repository Area Version
base main 4.1.ESV-R4-0ubuntu5
base universe 4.1.ESV-R4-0ubuntu5
security universe 4.1.ESV-R4-0ubuntu5.13
updates universe 4.1.ESV-R4-0ubuntu5.13
updates main 4.1.ESV-R4-0ubuntu5.13

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.1.ESV-R4-0ubuntu5.13 2021-05-03 14:07:21 UTC

  isc-dhcp (4.1.ESV-R4-0ubuntu5.13) precise-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 25 May 2018 11:32:13 -0300

Source diff to previous version
CVE-2018-5732 A specially constructed response from a malicious server can cause a buffer overflow in dhclient
CVE-2018-5733 A malicious client can overflow a reference counter in ISC dhcpd

Version: 4.1.ESV-R4-0ubuntu5.10 2016-01-13 14:06:42 UTC

  isc-dhcp (4.1.ESV-R4-0ubuntu5.10) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via incorrect UDP payload length
    - debian/patches/CVE-2015-8605.dpatch: properly check payload length in
      common/packet.c.
    - CVE-2015-8605

 -- Marc Deslauriers Mon, 11 Jan 2016 07:59:30 -0500

Source diff to previous version
CVE-2015-8605 UDP payload length not properly checked

Version: 4.1.ESV-R4-0ubuntu5.5 2012-09-18 13:06:57 UTC

  isc-dhcp (4.1.ESV-R4-0ubuntu5.5) precise-security; urgency=low

  [ Jamie Strandboge ]
  * debian/dhclient-script.linux: Explicitly set the PATH to that of
    ENV_SUPATH in /etc/login.defs and unset various other variables. We need
    to do this so /sbin/dhclient cannot abuse the environment to escape
    AppArmor confinement via this script. Don't worry about
    debian/dhclient-script.linux.udeb or debian/dhclient-script.kfreebsd*
    since AppArmor isn't used in these environments.
    - LP: #1045986

  [ Marc Deslauriers ]
  * SECURITY UPDATE: denial of service via ipv6 lease expiration time
    reduction
    - debian/patches/CVE-2012-3955.patch: properly handle time reduction in
      server/dhcpv6.c, server/mdb6.c.
    - CVE-2012-3955
 -- Marc Deslauriers <email address hidden> Fri, 14 Sep 2012 12:58:33 -0400

Source diff to previous version
CVE-2012-3955 ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows ...

Version: 4.1.ESV-R4-0ubuntu5.2 2012-07-26 19:06:58 UTC

  isc-dhcp (4.1.ESV-R4-0ubuntu5.2) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via malformed client identifiers
    - debian/patches/CVE-2012-3571.dpatch: validate packets in
      common/options.{c,h}.
    - CVE-2012-3571.dpatch
  * SECURITY UPDATE: denial of service via memory leaks
    - debian/patches/CVE-2012-3954.dpatch: properly manage memory in
      common/options.c and server/dhcpv6.c.
    - CVE-2012-3954
 -- Marc Deslauriers <email address hidden> Wed, 25 Jul 2012 17:04:18 -0400

CVE-2012-3571 ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows ...
CVE-2012-3954 Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and ...



About   -   Send Feedback to @ubuntu_updates