rpm/dhcp
SHA256
1
0
Fork 0
forked from pool/dhcp
Code Pull Requests Activity

Improved patch description

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=54
This commit is contained in:
Marius Tomaschewski 2011-02-02 09:11:54 +00:00 committed by Git OBS Bridge
parent 3e8864fa10
commit 74e272fef2
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dhcp-4.2.0-P2-CVE-2011-0413.bnc667655.diff
View File

@ -1,15 +1,17 @@
From d995f772e6b957c7569a640d024daa3e58c08f56 Mon Sep 17 00:00:00 2001
From ef8d97cd543d87135b3aae2d778a6f91cb800498 Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski <mt@suse.de>
Date: Wed, 2 Feb 2011 09:18:39 +0100
Subject: [PATCH] Unexpected abort caused by a DHCPv6 decline
Security fix (CVE-2011-0413, VU#686084, bnc#667655) extracted from
dhcp-4.2.1b1 sources; description from dhcp-4.2.1b1/RELNOTES:
! When processing a request in the DHCPv6 server code that specifies
an address that is tagged as abandoned (meaning we received a
decline request for it previously) don't attempt to move it from
the inactive to active pool as doing so can result in the server
crshing on an assert failure. Also retag the lease as active
and reset it's timeout value.
[ISC-Bugs #21921] (CVE-2011-0413, VU#686084)
[ISC-Bugs #21921]
Signed-off-by: Marius Tomaschewski <mt@suse.de>
---