Bug 599066

Summary: ISC DHCP 4.1.1-P1 contains a pair of bug fixes including one for a security related bug
Product: Red Hat Enterprise Linux 6 Reporter: Jiri Popelka <jpopelka>
Component: dhcp Assignee: Jiri Popelka <jpopelka>
Status: CLOSED CURRENTRELEASE QA Contact: Release Test Team <release-test-team>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0 CC: mganisin, ovasik, vcrhonek
Target Milestone: rc Keywords: Rebase
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: dhcp-4.1.1-11.P1.el6 Doc Type: Rebase: Bug Fixes and Enhancements
Last Closed: 2010-11-10 15:11:52 EST Type: ---
Attachments:
Description: Fixes for [ISC-Bugs #21152] and [ISC-Bugs #21253]
Flags: jpopelka: review? (vcrhonek)

Description Jiri Popelka 2010-06-02 11:45:55 EDT
Created attachment 419080
Fixes for [ISC-Bugs #21152] and [ISC-Bugs #21253]

ISC DHCP 4.1.1-P1 is a patch release of ISC DHCP 4.1.1,
which contains a pair of bug fixes including
one for a security related bug.

http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES
- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
  previously allocated (active) lease to a client that has changed subnets,
  despite being on different shared networks.  Dynamic prefixes specifically
  allocated in shared networks also now are not offered if the client has
  moved.  [ISC-Bugs #21152]

! Accept a client id of length 0 while hashing.  Previously the server would
  exit if it attempted to hash a zero length client id, providing attackers
  with a simple denial of service attack.  [ISC-Bugs #21253]

Version-Release number of selected component (if applicable):
dhcp-4.1.1-10.el6
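
As an added example (not from this bug report or from ISC's source), a check for the input named in [ISC-Bugs #21253]: a client identifier carried with length 0. It assumes the DHCPv4 client identifier option (code 61, the option dhclient.conf calls dhcp-client-identifier) and that the caller passes the option bytes that follow the magic cookie; the function and enum names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DHCPv4 option codes (RFC 2132). */
#define OPT_PAD        0
#define OPT_CLIENT_ID  61
#define OPT_END        255

enum cid_status { CID_ABSENT, CID_OK, CID_ZERO_LEN, CID_MALFORMED };

/* Hypothetical helper: walk a DHCPv4 options field and classify the
 * client identifier so a zero-length one never reaches a hash routine. */
enum cid_status classify_client_id(const uint8_t *opts, size_t n,
                                   const uint8_t **id, size_t *id_len)
{
    size_t i = 0;
    while (i < n) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD)
            continue;                /* single byte, no length field */
        if (code == OPT_END)
            break;
        if (i >= n)
            return CID_MALFORMED;    /* option code without a length byte */
        size_t len = opts[i++];
        if (len > n - i)
            return CID_MALFORMED;    /* value runs past the buffer */
        if (code == OPT_CLIENT_ID) {
            if (len == 0)
                return CID_ZERO_LEN; /* the case from ISC-Bugs #21253 */
            *id = opts + i;
            *id_len = len;
            return CID_OK;
        }
        i += len;                    /* skip an option we do not inspect */
    }
    return CID_ABSENT;
}

int main(void)
{
    /* Constructed sample: message type option, then an empty option 61. */
    static const uint8_t sample[] = { 53, 1, 1, 61, 0, 255 };
    const uint8_t *id = NULL;
    size_t id_len = 0;
    printf("status=%d\n", classify_client_id(sample, sizeof sample, &id, &id_len));
    return 0;
}
```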

Comment 1 RHEL Product and Program Management 2010-06-02 11:50:31 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 2 Jiri Popelka 2010-06-02 13:50:03 EDT
I'm not sure how to reproduce those two bugs.
I was unsuccessful in configuring the client to send a zero-length client ID ([ISC-Bugs #21253]).
Putting
send dhcp-client-identifier "";
or something similar into dhclient.conf doesn't work.

Additional info:
https://lists.isc.org/pipermail/dhcp-announce/2010-June/000285.html

Comment 6 Jiri Popelka 2010-06-04 07:37:43 EDT
Fixed in dhcp-4.1.1-11.P1.el6

http://post-office.corp.redhat.com/archives/cvs-commits-list/2010-June/msg00642.html

Comment 8 releng-rhel@redhat.com 2010-11-10 15:11:52 EST
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.