Fedora Legacy Test Update Notification: dhcp

Marc Deslauriers marcdeslauriers at videotron.ca
Sat Mar 5 14:54:39 UTC 2005 

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-2251
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=2251
2005-03-05
---------------------------------------------------------------------

Name        : dhcp
Versions    : rh7.3:
Summary     : A DHCP (Dynamic Host Configuration Protocol) server and
               relay agent.
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
DHCP server and a DHCP relay agent.

---------------------------------------------------------------------
Update Information:

Updated dhcp packages that fix a security issue are now available.

Xpdf is a DHCP (Dynamic Host Configuration Protocol) server and
relay agent.

"infamous41md" noticed that the log functions in dhcp 2.x pass
parameters to a function that uses format strings. One use seems to be
exploitable in connection with a malicious DNS server. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-1006 to this issue.

Users of dhcp are advised to upgrade to this errata package, which
contains backported patches correcting this issue.

---------------------------------------------------------------------
Changelogs

rh73:
* Fri Mar 04 2005 Marc Deslauriers <marcdeslauriers at videotron.ca> 
1:2.0pl5-8.2.legacy
- Added missing groff BuildRequires

* Sun Dec 19 2004 Pekka Savola <pekkas at netcore.fi> 1:2.0pl5-8.1.legacy
- add ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch to
   fix CAN-2004-1006

---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedoralegacy.org/
(sha1sums)

rh7.3:
e134b4118edc63c20b1227d3b199edf55e9c6411 
redhat/7.3/updates-testing/i386/dhcp-2.0pl5-8.2.legacy.i386.rpm
873fe4bb121b857436cc044cf379597f78bc0e4b 
redhat/7.3/updates-testing/SRPMS/dhcp-2.0pl5-8.2.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20050305/8df24086/attachment.sig>

More information about the fedora-legacy-list mailing list