[prev in list] [next in list] [prev in thread] [next in thread]
List: dhcp-announce
Subject: ISC_DHCP 4.1-ESV-R16 is now available for download
From: Thomas Markwalder <tmark () isc ! org>
Date: 2020-01-22 15:46:17
Message-ID: b5fc0cb0-2a05-9ede-5600-c9a8b0c1c47a () isc ! org
[Download RAW message or body]
ISC DHCP 4.1-ESV-R16 is now available for download.
This is release ISC DHCP 4.1-ESV-R162, a maintenance release that
contains a number of bug fixes.
A list of the changes in this release has been appended to the end of
this message. For a complete list of changes from any previous release,
please consult the RELNOTES file within the source distribution.
Knowledgebase articles about various topics and features can be found here:
https://kb.isc.org/docs
Webinars can be found here:
https://www.isc.org/presentations
This release and its OpenPGP-signatures are available now from:
https://www.isc.org/download
https://downloads.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz
https://downloads.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha512.asc
https://downloads.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha256.asc
https://downloads.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha1.asc
or
https://ftp.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz
https://ftp.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha512.asc
https://ftp.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha256.asc
https://ftp.isc.org/isc/dhcp/4.1-ESV-R16/dhcp-4.1-ESV-R16.tar.gz.sha1.asc
ISC's Release Signing Key can be obtained at:
https://www.isc.org/pgpkey
The following is an excerpt from the 4.1-ESV-R16 release notes:
Internet Systems Consortium DHCP Distribution
Version 4.1-ESV-R16
01 January 2020
Release Notes
NEW FEATURES
Version 4.1-ESV-R16 is a maintenance release of an extended support version
(ESV) release. ESVs are intended for users who have longer upgrade
constraints. Please see our web page:
https://kb.isc.org/docs/aa-00896
for more information on ESVs.
ISC DHCP 4.1.x includes several new DHCPv6 features that were not included
in DHCP 4.0.x. These include:
- Support for the rapid-commit option on the client side
- Prefix Delegation support
- IA_TA address support
- A basic DHCPv6 relay agent
- Basic and partial DHCPv6 leasequery support
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- Only a single address is supported per IA.
- DHCPv6 includes human-readable text in status code messages. These
should be configurable, and probably localized via gettext() or the
like.
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate either DHCPv4 or DHCPv6 at one
time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
For information on how to install, configure, and run this software, as
well as how to find documentation and report bugs, please consult the
README file.
ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.
The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
ISC DHCP is open source software maintained by Internet Systems
Consortium. This product includes cryptographic software written
by Eric Young (eay@cryptsoft.com).
Our current major version of ISC DHCP, version 4.4.0, is re-licensed under
the Mozilla Public License, MPL 2.0. To read the MPL 2.0 license terms,
please
refer to: https://www.mozilla.org/en-US/MPL/2.0/.
This change applies to ISC DHCP version 4.4.0 and any 4.4.x versions. Older
versions already published under the ISC license will remain under the ISC
license. Those unsure whether the license change affects their use of
ISC DHCP, or who wish to discuss how to comply with the license, may contact
ISC at info@isc.org or use https://www.isc.org/contact/.
We welcome comments from DHCP users, about this or anything else we do.
Email Vicky Risk, Product Manager, at vicky@isc.org or discuss on
dhcp-users@lists.isc.org.
Changes since 4.1-ESV-R16b1
- Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities &
Mitigations for reporting the issue.
[#71]
Changes since 4.1-ESV-R15-P1
- Made minor changes to eliminate warnings when compiled with GCC 9.
Thanks to Brett Neumeier for bringing the matter to our attention.
[Gitlab #15]
- Fixed define flags when using SO_BINDTODEVICE. Thanks to Joe LeVeque for
reporting the issue.
[ISC-Bugs #19]
- The "d" domain name option format was incorrectly handled as text
instead of RFC 1035 wire format. Thanks to Jay Doran at BlueCat Networks
for reporting this issue.
[Gitlab #2]
- Corrected a number of reference counter and zero-length buffer leaks.
Thanks to Christopher Ertl of MSRC Vulnerabilities & Mitigations for
pointing them out.
[Gitlab #57]
- The option format for the server option omapi-key was changed to a
format type 'k' (key name), while server options ldap-port and
ldap-init-retry were changed to 'L' (unsigned 32-bit integer). These
three options were inadvertently broken when the 'd' format content
was changed to comply with RFC 1035 wire format (see Gitlab #2).
[Gitlab #68]
Changes since 4.1-ESV-R15
- Corrected dhclient command line parsing for --dad-wait-time that causes
even valid values to fail as invalid on some environments.
[ISC-Bugs #46535]
- Added to code ignore empty IPv4 host name option (code 12). While RFC 2132
states the option cannot be empty, some clients are apparently capable of
sending it. Prior to this the server was attempting to use it and store it
in the lease file, causing issues with DDNS and so forth.
[ISC-bugs #43786]
- When given the -T command line argument, in addition to reading the
current lease file, the server will write the leases to a temporary
lease file. This can help detect issues in server configuration that
only surface when leases are written to the file. The current lease
file will not be modified and the temporary lease file is removed upon
completion of the test.
[ISC-Bugs #22267]
- The server now recognizes environment variables PATH_DHCPD_DB and
PATH_DHCPD_PID. These had been incorrectly compiled out of the code
unless DHCPv6 support was disabled. Additionally, the server man
pages were corrected to accurately reflect how the server chooses
file names (see lease-file-name and pid-file-name statements). Thanks
to Fernando Soto at BlueCat for bringing this matter to our attention.
[ISC-Bugs #46859]
- Removed an "Impossible condition" error upon exit in the dhcpd server that
has been shutdown via OMAPI. This condition was only apparent under
Solaris
when building with --enable-use-sockets and --enable-ipv4-pktinfo.
[ISC-Bugs #36118]
- Added clarifying text to dhcpd.conf.5 explaining that the class match
expressions
cannot rely on the results of executable statements.
[ISC-Bugs #45451]
- Support for sending and receiving additional DHCP4 options has been added
to both the dhcpd and dhclient. Specifically: option codes 93, 94, and 97
(RFC 4578); code 150 (RFC 5859); and codes 209, 219, and 211 (RFC 5071).
Beyond configuring, sending, requesting, and receiving these options
neither
server nor client apply any additional logic based on their values.
Thanks to Peter Lewis for requesting this change.
[ISC-Bugs 47062]
! Option reference count was not correctly decremented in error path
when parsing buffer for options. Reported by Felix Wilhelm, Google
Security Team.
[ISC-Bugs #47140]
CVE: CVE-2018-5733
! Corrected an issue where large sized 'X/x' format options were causing
option handling logic to overwrite memory when expanding them to human
readable form. Reported by Felix Wilhelm, Google Security Team.
[ISC-Bugs #47139]
CVE: CVE-2018-5732
_______________________________________________
dhcp-announce mailing list
dhcp-announce@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-announce
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic