[ubuntu/bionic-proposed] isc-dhcp 4.3.5-3ubuntu5 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Mar 1 15:34:25 UTC 2018 

isc-dhcp (4.3.5-3ubuntu5) bionic; urgency=medium

  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c, add tests to common/tests/Makefile.am,
      common/tests/option_unittest.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733

Date: Thu, 01 Mar 2018 07:48:09 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/isc-dhcp/4.3.5-3ubuntu5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 01 Mar 2018 07:48:09 -0500
Source: isc-dhcp
Binary: isc-dhcp-server isc-dhcp-server-ldap isc-dhcp-common isc-dhcp-dev isc-dhcp-client isc-dhcp-client-ddns isc-dhcp-client-udeb isc-dhcp-relay
Architecture: source
Version: 4.3.5-3ubuntu5
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 isc-dhcp-client - DHCP client for automatically obtaining an IP address
 isc-dhcp-client-ddns - Dynamic DNS (DDNS) enabled DHCP client
 isc-dhcp-client-udeb - ISC DHCP Client for debian-installer (udeb)
 isc-dhcp-common - common manpages relevant to all of the isc-dhcp packages
 isc-dhcp-dev - API for accessing and modifying the DHCP server and client state
 isc-dhcp-relay - ISC DHCP relay daemon
 isc-dhcp-server - ISC DHCP server for automatic IP address assignment
 isc-dhcp-server-ldap - DHCP server that uses LDAP as its backend
Changes:
 isc-dhcp (4.3.5-3ubuntu5) bionic; urgency=medium
 .
   * SECURITY UPDATE: DoS via omapi
     - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
       omapip/buffer.c, omapip/message.c.
     - CVE-2017-3144
   * SECURITY UPDATE: buffer overflow in dhclient
     - debian/patches/CVE-2018-573x.patch: check option data size in
       common/options.c, add tests to common/tests/Makefile.am,
       common/tests/option_unittest.c.
     - CVE-2018-5732
   * SECURITY UPDATE: reference counter overflow in dhcpd
     - debian/patches/CVE-2018-573x.patch: avoid overflow in
       common/options.c.
     - CVE-2018-5733
Checksums-Sha1:
 8ee1ae89d1bb8f170a3195e4a4cd00d1ead5d5e1 2701 isc-dhcp_4.3.5-3ubuntu5.dsc
 2713775280cae69f22731b7e7718d97f4d64f81e 115616 isc-dhcp_4.3.5-3ubuntu5.debian.tar.xz
 98edb8d2fa5c691e9506b5d3da55e2ec388d20a4 7597 isc-dhcp_4.3.5-3ubuntu5_source.buildinfo
Checksums-Sha256:
 00c46c1545874621647eaf5514c670c6481521b9fd5e8680d897af57c5209b42 2701 isc-dhcp_4.3.5-3ubuntu5.dsc
 57ad1d6dd3afdd720896b5f0d4756367e091a36be16c14e2e80e9e2355afdaf1 115616 isc-dhcp_4.3.5-3ubuntu5.debian.tar.xz
 6dd0d1acba69fde3230f5c4017672fd5d1c1e9291724ffeae260ce0c2f720c04 7597 isc-dhcp_4.3.5-3ubuntu5_source.buildinfo
Files:
 dc6ebb713581177068a46998dff0874b 2701 net important isc-dhcp_4.3.5-3ubuntu5.dsc
 11793b0cbabb0bcab3c606b288b96fcf 115616 net important isc-dhcp_4.3.5-3ubuntu5.debian.tar.xz
 954552ff3c4d8dac62af0092f869ec07 7597 net important isc-dhcp_4.3.5-3ubuntu5_source.buildinfo
Original-Maintainer: Debian ISC DHCP maintainers <pkg-dhcp-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJamBzEAAoJEGVp2FWnRL6T1HkP/0uRmsCnXMachKuIUc6PsGTp
nPgO0X5OPo6JWNN2T0KjS/lOP4IFrSwA/lr+hisSq/VnK0OhiMNy2pkBnTjBYyRl
Tn/ut/EMSwQCiHNh4hGj/Rm5d7bwje5vrKV2rbW5ly3PcS3tMVCeb81B3lx4cK6e
M8RF1D8MnSHsqLgaz8kwvPOxnTdoUOK6BplPFr7D7wldIsvzJq0kUL8fn8NGKo9A
dDMCYGRDftWIllDKVtD6YqjdjBvR4e4qv/y0HprI3dvda7wiW1b16E5zLTgvZkHK
SR/HOVGC09xJXlgVh9KHLjKLAJX2fP6vFgIWGz0J8qGhgaYf8D1NymvxCWwzePWs
zlKkHfAMjwge7xKlRVpFV4Z6caB6o07yAzhXxx7+U2y8Rg03W5cOt6GqxjHtlXJq
HItesuBvhvPHYG56I1/LKNLTkYLH5wQCfV6wXHLjKSj2jWm1E01WQQ3sCGc6oTKD
3ZhtdbwMZdqheRT71eKozxnjXa60LvZdiPjyliLwfn5RThjdB/SXJBgTiV4hZAJL
mAqULgrevBQ64Ebf6uG4kx3IcpYr6+Wvrd17cP6R2HTFZWxgYrt+jhz4zndRF9kT
GALgiT7vIpOiKJ9BVQXHE6yqsGebjIZWpV/plxdvg3wA7mf1fHPnAy4L0AfTx2i1
JX+L+y4WqKjkUuG5PjQL
=0aN8
-----END PGP SIGNATURE-----

More information about the Bionic-changes mailing list