Hi! During testing of our updated dhcp packages, we have found out that patch for CVE-2007-5365 used by OpenBSD was not sufficient and it was still possible to crash dhcpd. Your dhcp packages released in DSA 1388-1 also seem affected. You can find better patch based on dhcp-3.x code here:
https://bugzilla.redhat.com/show_bug.cgi?id=327781#c5 Note: [EMAIL PROTECTED] was notified on 2007-10-23. Updated DSA 1388-3 released on 2007-10-29. -- Tomas Hoger Red Hat Security Response Team -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]