#11994: dhcpcd-7.2.1
-------------------------+------------------------
Reporter: bdubbs | Owner: blfs-book
Type: enhancement | Status: new
Priority: normal | Milestone: 8.5
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+------------------------
Comment (by bdubbs):
dhcpcd-7.2.1 has been released with the following changes:
* Solaris: Many more issues fixed
* OpenBSD: Don't spam syslog when cannot send NA
* FreeBSD: Fix fetching IPv6 address lifetimes
These security issues are also addressed:
* auth: Use consttime_memequal to avoid latency attack
consttime_memequal is supplied if libc does not support it
dhcpcd >=6.2 <7.2.1 are vulnerable
* DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED
dhcpcd >=4 <7.2.1 are vulnerable
* DHCPv6: Fix a potential buffer overflow reading NA/TA addresses
dhcpcd >=7 <7.2.1 are vulnerable
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/11994#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
