[SECURITY] Fedora 11 Update: dhcp-4.1.0p1-4.fc11

updates at fedoraproject.org updates at fedoraproject.org
Tue Nov 10 17:47:15 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-9075
2009-08-27 22:22:13
--------------------------------------------------------------------------------

Name        : dhcp
Product     : Fedora 11
Version     : 4.1.0p1
Release     : 4.fc11
URL         : http://isc.org/products/DHCP/
Summary     : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network.  The dhcp package includes the
ISC DHCP service and relay agent.

To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon.  The dhcp package provides
the ISC DHCP service and relay agent.

--------------------------------------------------------------------------------
Update Information:

Do not require policycoreutils when installing dhcp or dhclient packages.  If
you have the package installed, the /sbin/restorecon program will be used by
dhclient-script and the dhcpd init script.    This update to the dhcp package
includes fixes for CVE-2009-0692 and CVE-2009-1892. More information on these
issues are available here:    http://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2009-0692  http://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2009-1892    Note: CVE-2009-0692 had no security
consequences on Fedora, thanks to the use of FORTIFY_SOURCE
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 26 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0p1-4
- Do not require policycoreutils for dhclient subpackage, fix restorecon
  calls in postinstall scriptlets (#519479)
* Wed Aug 26 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0p1-3
- Do not require policycoreutils for post scriptlet (#519479)
* Thu Aug  6 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0p1-2
- Add /usr/lib[64]/pm-utils/sleep.d/56dhclient to handle suspend and
  resume with active dhclient leases (#479639)
* Wed Aug  5 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0p1-1
- Upgrade to dhcp-4.1.0p1, which is the official upstream release to fix
  CVE-2009-0692
* Wed Aug  5 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0-25
- Fix for CVE-2009-0692
- Fix for CVE-2009-1892 (#511834)
- Disable patch for #514828 since that fix is still in updates-testing
* Tue Aug  4 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0-24
- Correct lease file format written by dhclient (#514828)
* Thu Jul  2 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0-23
- Correct problems when upgrading from a previous release and your
  dhcpd.conf file not being placed in /etc/dhcp (#506600)
* Fri Jun 26 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0-22
- Fix SELinux denials in dhclient-script when the script makes backup
  configuration files and restores them later (#483747)
* Fri Jun 26 2009 David Cantrell <dcantrell at redhat.com> - 12:4.1.0-21
- Handle cases in add_timeout() where the function is called with a NULL
  value for the 'when' parameter (#506626)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #519479 - dhclient/dhcp policycoreutils dep
        https://bugzilla.redhat.com/show_bug.cgi?id=519479
  [ 2 ] Bug #511834 - CVE-2009-1892 dhcp: DoS/abort in some configs with client-identifier and hardware address host specifications
        https://bugzilla.redhat.com/show_bug.cgi?id=511834
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list