SCIENTIFIC-LINUX-ERRATA Archives

December 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: dhcp on SL7.x x86_64
From:
Scott Reid <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 14 Dec 2016 17:57:13 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (31 lines) 
Synopsis:          Moderate: dhcp security, bug fix, and enhancement update
Advisory ID:       SLSA-2016:2590-2
Issue Date:        2016-11-03
CVE Numbers:       CVE-2016-2774
--

Security Fix(es):

* A resource-consumption flaw was discovered in the DHCP server. dhcpd did
not restrict the number of open connections to OMAPI and failover ports. A
remote attacker able to establish TCP connections to one of these ports
could use this flaw to cause dhcpd to exit unexpectedly, stop responding
requests, or exhaust system sockets (denial of service). (CVE-2016-2774)

Additional Changes:
--

SL7
  x86_64
    dhclient-4.2.5-47.el7.x86_64.rpm
    dhcp-common-4.2.5-47.el7.x86_64.rpm
    dhcp-debuginfo-4.2.5-47.el7.i686.rpm
    dhcp-debuginfo-4.2.5-47.el7.x86_64.rpm
    dhcp-libs-4.2.5-47.el7.i686.rpm
    dhcp-libs-4.2.5-47.el7.x86_64.rpm
    dhcp-4.2.5-47.el7.x86_64.rpm
    dhcp-devel-4.2.5-47.el7.i686.rpm
    dhcp-devel-4.2.5-47.el7.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2