-
isc-dhcp (4.3.5-3ubuntu7.4) bionic-security; urgency=medium
* SECURITY UPDATE: option refcount overflow
- debian/patches/CVE-2022-2928.patch: correct reference counts in
common/options.c, common/tests/option_unittest.c.
- CVE-2022-2928
* SECURITY UPDATE: DHCP memory leak
- debian/patches/CVE-2022-2929.patch: properly free memory when hitting
errors in common/options.c.
- CVE-2022-2929
-- Marc Deslauriers <email address hidden> Tue, 04 Oct 2022 09:38:12 -0400
-
isc-dhcp (4.3.5-3ubuntu7.3) bionic-security; urgency=medium
* SECURITY UPDATE: DoS via incorrect option information parsing
- debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
- CVE-2021-25217
-- Marc Deslauriers <email address hidden> Tue, 25 May 2021 06:50:53 -0400
-
isc-dhcp (4.3.5-3ubuntu7.2) bionic; urgency=medium
* Fix env variable for INTERFACES (LP: #1894172)
- d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
respective services file.
-- Utkarsh Gupta <email address hidden> Wed, 10 Mar 2021 19:57:51 +0530
-
isc-dhcp (4.3.5-3ubuntu7.1) bionic-security; urgency=medium
* SECURITY UPDATE: DoS via change in bind behaviour (LP: #1781699)
- debian/patches/CVE-2019-6470.patch: use 0 instead of -1 to indicate
empty heap index in includes/dhcpd.h, server/mdb6.c,
server/tests/mdb6_unittest.c.
- CVE-2019-6470
-- Marc Deslauriers <email address hidden> Mon, 06 May 2019 09:00:01 -0400
-
isc-dhcp (4.3.5-3ubuntu7) bionic; urgency=medium
* bind-includes.patch: Copied from Debian to fix build with bind
9.11.3.
-- Timo Aaltonen <email address hidden> Mon, 16 Apr 2018 13:40:34 +0300
-
isc-dhcp (4.3.5-3ubuntu6) bionic; urgency=medium
* debian/apparmor/sbin.dhclient: drop 'capability sys_module' since we
already have 'net_admin' and network module loading (which might happen via
ip/ifconfig/etc) allowed with 'net_admin' (LP: #1759032)
-- Jamie Strandboge <email address hidden> Mon, 26 Mar 2018 21:00:32 +0000
-
isc-dhcp (4.3.5-3ubuntu5) bionic; urgency=medium
* SECURITY UPDATE: DoS via omapi
- debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
omapip/buffer.c, omapip/message.c.
- CVE-2017-3144
* SECURITY UPDATE: buffer overflow in dhclient
- debian/patches/CVE-2018-573x.patch: check option data size in
common/options.c, add tests to common/tests/Makefile.am,
common/tests/option_unittest.c.
- CVE-2018-5732
* SECURITY UPDATE: reference counter overflow in dhcpd
- debian/patches/CVE-2018-573x.patch: avoid overflow in
common/options.c.
- CVE-2018-5733
-- Marc Deslauriers <email address hidden> Thu, 01 Mar 2018 07:48:09 -0500
-
isc-dhcp (4.3.5-3ubuntu4) bionic; urgency=medium
* dhclient-script.linux: handle empty case also when waiting for ipv6 link
local DAD. (LP: #1718568)
-- Dan Streetman <email address hidden> Thu, 12 Oct 2017 08:48:06 -0400
-
isc-dhcp (4.3.5-3ubuntu3) bionic; urgency=medium
* No-change rebuild against the new SOVERs of bind9 libraries.
-- Adam Conrad <email address hidden> Wed, 31 Jan 2018 15:44:15 -0700
-
isc-dhcp (4.3.5-3ubuntu2) artful; urgency=medium
* debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix the
logic for handling search domains to also write it to the output file when
only the domain name is provided by the DHCP server. Copied code from
debian/dhclient-script.linux. (LP: #1713747)
-- Mathieu Trudel-Lapierre <email address hidden> Thu, 14 Sep 2017 15:41:06 -0700
