Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#11994 closed enhancement (fixed)

dhcpcd-7.2.1

Reported by: Bruce Dubbs Owned by: blfs-book
Priority: normal Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 5 years ago

dhcpcd-7.2.1 has been released with the following changes:

  • Solaris: Many more issues fixed
  • OpenBSD: Don't spam syslog when cannot send NA
  • FreeBSD: Fix fetching IPv6 address lifetimes

These security issues are also addressed:

  • auth: Use consttime_memequal to avoid latency attack

consttime_memequal is supplied if libc does not support it dhcpcd >=6.2 <7.2.1 are vulnerable

  • DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED

dhcpcd >=4 <7.2.1 are vulnerable

  • DHCPv6: Fix a potential buffer overflow reading NA/TA addresses

dhcpcd >=7 <7.2.1 are vulnerable

comment:2 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: newclosed

Fixed at revision 21520.

comment:3 by Bruce Dubbs, 5 years ago

Milestone: 8.59.0

Milestone renamed

Note: See TracTickets for help on using tickets.