
List:       dhcp-announce
Subject:    ISC DHCP 4.1-ESV-R6 is now available
From:       Shawn Routhier <sar () isc ! org>
Date:       2012-07-24 18:22:37
Message-ID: 7E031BA2-A259-49A5-867E-C2A980BC4526 () isc ! org


ISC DHCP 4.1-ESV-R6 is now available for download.

This is a production release of 4.1-ESV-R6, a maintenance release
that includes several security patches as well as some bug fixes.

The security advisories can be found at:
https://kb.isc.org/article/AA-00712
https://kb.isc.org/article/AA-00737

A list of the changes in this release has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:

http://www.isc.org/software/dhcp/41-esv-r6

This release and its OpenPGP signatures are available now from:

    ftp://ftp.isc.org/isc/dhcp/4.1-ESV-R6/dhcp-4.1-ESV-R6.tar.gz
    ftp://ftp.isc.org/isc/dhcp/4.1-ESV-R6/dhcp-4.1-ESV-R6.tar.gz.sha512.asc
    ftp://ftp.isc.org/isc/dhcp/4.1-ESV-R6/dhcp-4.1-ESV-R6.tar.gz.sha256.asc
    ftp://ftp.isc.org/isc/dhcp/4.1-ESV-R6/dhcp-4.1-ESV-R6.tar.gz.sha1.asc

ISC's Release Signing Key can be obtained at:

    http://www.isc.org/about/openpgp/

                        Changes since 4.1-ESV-R5

- Correct code to calculate timing values in client to compare
  rebind value to infinity instead of renew value.
  Thanks to Chenda Huang from H3C Technologies Co., Limited
  for reporting this issue.
  [ISC-Bugs #29062]

- Fix some issues in the code for parsing and printing options.
  [ISC-Bugs #22625] - properly print options that have several fields
  followed by an array of something for example "fIa"
  [ISC-Bugs #27289] - properly parse options in declarations that have
  several fields followed by an array of something for example "fIa"
  [ISC-Bugs #27296] - properly determine if we parsed a 16 or 32 bit
  value in evaluate_numeric_expression (extract-int).
  [ISC-Bugs #27314] - properly parse a zero length option from
  a lease file.  Thanks to Marius Tomaschewski from SUSE for the report
  and prototype patch for this ticket as well as ticket 27289.

! Previously the server code was relaxed to allow packets with zero
  length client ids to be processed.  Under some situations use of
  zero length client ids can cause the server to go into an infinite
  loop.  As such ids are not valid according to RFC 2132 section 9.14
  the server no longer accepts them.  Client ids with a length of 1
  are also invalid but the server still accepts them in order to
  minimize disruption.  The restriction will likely be tightened in
  the future to disallow ids with a length of 1.
  Thanks to Markus Hietava of Codenomicon CROSS project for
  finding this issue and CERT-FI for vulnerability coordination.
  [ISC-Bugs #29851]
  CVE: CVE-2012-3571

! A pair of memory leaks were found and fixed.  Thanks to
  Glen Eustace of Massey University, New Zealand for finding
  this issue.
  [ISC-Bugs #30024]
  CVE: CVE-2012-3954
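
The client identifier policy described in the CVE-2012-3571 entry above (reject length 0, tolerate length 1, accept length 2 or more), sketched as an added example; this is not ISC's code. The function name, the verdict names and the sample byte strings are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { OPT_PAD = 0, OPT_CLIENT_ID = 61, OPT_END = 255 }; /* RFC 2132 codes */

enum cid_verdict {
    CID_ABSENT,        /* no option 61 in the packet */
    CID_OK,            /* length >= 2: type octet plus identifier */
    CID_TOLERATED,     /* length 1: invalid per RFC 2132 9.14, still accepted */
    CID_REJECT_EMPTY,  /* length 0: packet is not processed */
    CID_MALFORMED      /* option header or value runs past the buffer */
};

/* Walk the options field (the bytes after the magic cookie) and classify
 * the client identifier. Hypothetical helper, not an ISC DHCP function. */
enum cid_verdict check_client_id(const uint8_t *opts, size_t len)
{
    size_t i = 0;
    enum cid_verdict v = CID_ABSENT;
    while (i < len) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD) continue;             /* pad has no length octet */
        if (code == OPT_END) break;
        if (i >= len) return CID_MALFORMED;        /* missing length octet */
        uint8_t olen = opts[i++];
        if (olen > len - i) return CID_MALFORMED;  /* truncated value */
        if (code == OPT_CLIENT_ID) {
            if (olen == 0) return CID_REJECT_EMPTY;
            v = (olen == 1) ? CID_TOLERATED : CID_OK;
        }
        i += olen;
    }
    return v;
}

/* Constructed sample option fields (not captured traffic). */
static const uint8_t SAMPLE_OK[]    = {53,1,1, 61,7,1,0x00,0x11,0x22,0x33,0x44,0x55, 255};
static const uint8_t SAMPLE_EMPTY[] = {53,1,1, 61,0, 255};
static const uint8_t SAMPLE_ONE[]   = {53,1,1, 61,1,1, 255};
static const uint8_t SAMPLE_TRUNC[] = {53,1,1, 61,7,1,0x00};

int main(void)
{
    printf("ok=%d empty=%d one=%d trunc=%d\n",
           check_client_id(SAMPLE_OK, sizeof SAMPLE_OK),
           check_client_id(SAMPLE_EMPTY, sizeof SAMPLE_EMPTY),
           check_client_id(SAMPLE_ONE, sizeof SAMPLE_ONE),
           check_client_id(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC));
    return 0;
}
```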




