047cec5993
CVE-2018-5732: The DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. CVE-2018-5733: The DHCP server incorrectly handled reference counting. A remote attacker could possibly use this issue to cause the DHCP server to crash, resulting in a denial of service. Both issues are fixed in version 4.4.1. But we are close to release, so backport the fixes instead of bumping version. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-bind-cross-compile.patch | ||
| 0002-v4_3-Plugs-a-socket-descriptor-leak-in-OMAPI.patch | ||
| 0003-Correct-buffer-overrun-in-pretty_print_option.patch | ||
| 0004-Corrected-refcnt-loss-in-option-parsing.patch | ||
| Config.in | ||
| S80dhcp-relay | ||
| S80dhcp-server | ||
| dhclient-script | ||
| dhclient.conf | ||
| dhcp.hash | ||
| dhcp.mk | ||
| dhcpd.conf | ||
| dhcpd.service | ||