Path to this page:
Subject: CVS commit: pkgsrc/net/isc-dhcp4
From: Takahiro Kambe
Date: 2018-03-01 01:53:05
Message id: 20180301005305.268C9FB40@cvs.NetBSD.org
Log Message:
net/isc-dhcp4: update to 4.3.6p1 (ISC DHCP 4.3.6-P1)
Changes since 4.3.6
!- Plugged a socket descriptor leak in OMAPI, that can occur when there is
data pending to be written to an OMAPI connection, when the connection
is closed by the reader.
[ISc-Bugs #46767]
! Corrected an issue where large sized 'X/x' format options were causing
option handling logic to overwrite memory when expanding them to human
readable form. Reported by Felix Wilhelm, Google Security Team.
[ISC-Bugs #47139]
CVE: CVE-2018-5732
! Option reference count was not correctly decremented in error path
when parsing buffer for options. Reported by Felix Wilhelm, Google
Security Team.
[ISC-Bugs #47140]
CVE: CVE-2018-5733
Files: