2011年4月 6日

[installer 2745] ISC dhcp-4.2.1-P1, 4.1-ESV-R2, 3.1-ESV-R1

ISC dhcp-4.2.1-P1, 4.1-ESV-R2, 3.1-ESV-R1 出ています。

dhclient のセキュリティホールの修正が含まれています。
https://www.isc.org/software/dhcp/advisories/cve-2011-0997
http://www.kb.cert.org/vuls/id/107886
参照のこと。

☆ ISC dhcp-4.2.1-P1

http://www.isc.org/sw/dhcp
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.1-P1.tar.gz

Changes since 4.2.1

! In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS.
[ISC-Bugs #23722]
CVE: CVE-2011-0997

Changes since 4.2.1rc1

- None

Changes since 4.2.1b1

- Removed the restriction on using IPv6 addresses in IPv4 mode. This
allows IPv4 options which contain IPv6 addresses to be specified. For
example the 6rd option can be specified and used like this:
[ISC-Bugs #23039]

option 6rd code 212 = { integer 8, integer 8,
ip6-address, array of ip-address };
option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;

- Handle some DDNS corner cases better. Maintain the DDNS transaction
information when updating a lease and cancel any existing transactions
when removing the ddns information.
[ISC-Bugs #23103]

- Some fixes for LDAP
[ISC-Bugs #21783] - Include lber library when building ldap
[ISC-Bugs #22888] - Enable the ldap code when buidling common
The above fixes are from Jiri Popelka at Red Hat.

- Modify the dlpi code to accept getmsg() returning a positive value.
[ISC-Bugs #22824]


☆ ISC dhcp-4.1-ESV-R2
http://www.isc.org/sw/dhcp
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R2.tar.gz

Changes since 4.1-ESV-R1

! In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS.
[ISC-Bugs #23722]
CVE: CVE-2011-0997


☆ ISC dhcp-3.1-ESV-R1
http://www.isc.org/sw/dhcp
ftp://ftp.isc.org/isc/dhcp/dhcp-3.1-ESV-R1.tar.gz

Changes since 3.1-ESV

- The 'domain-list' atom documentation in common/dhcp-options.5 was
corrected. [ISC-Bugs #21217]

! In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS.
[ISC-Bugs #23722]
CVE: CVE-2011-0997

----
こがよういちろう


投稿者 xml-rpc : 2011年4月 6日 12:52
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/102959
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。