CVSROOT: /cvs Module name: src Changes by: k...@cvs.openbsd.org 2011/11/12 08:39:52
Modified files:
usr.sbin/dhcpd : dispatch.c
Log message:
Zero option processing stack storage to prevent stack garbage that
happens to look like options from being processed as options when
truncated packets received.
Potential problem pointed out by mikeb@, from a couple of NIST
reports (CVE-2011-2748 and CVE-2011-2749).
