"infamous41md" noticed that the log functions in dhcp 2.x pass parameters to a function that uses format strings. One use seems to be exploitable in connection with a malicious DNS server. http://www.debian.org/security/2004/dsa-584 http://secunia.com/advisories/13112/ ISC has released an advisory on this topic: http://marc.theaimsgroup.com/?l=dhcp-announce&m=109996073218290&w=2 Red Hat Linux 7.3 is the only Legacy-supported release affected. ------- Additional Comments From cra 2004-11-08 15:10:27 ---- Patch available here: ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch.asc ------- Additional Comments From pekkas 2004-12-19 10:29:29 ---- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Minimal-change packages created for RHL73 with the patch added. http://www.netcore.fi/pekkas/linux/dhcp-2.0pl5-8.1.legacy.i386.rpm http://www.netcore.fi/pekkas/linux/dhcp-2.0pl5-8.1.legacy.src.rpm Changelog: * Sun Dec 19 2004 Pekka Savola <pekkas> 1:2.0pl5-8.1.legacy - - add ftp://ftp.isc.org/isc/dhcp/dhcp-2.0-history/dhcp-2.0pl6.patch to fix CAN-2004-1006 SHA1sums: 1c47b6cbffa953e201a9d46ed4f62b3784e4bd92 dhcp-2.0pl5-8.1.legacy.i386.rpm 2e8fce19ea58a7c1957d866afdbaa3656202e463 dhcp-2.0pl5-8.1.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBxeRYGHbTkzxSL7QRAmVyAKDB9B+Q/ZOIYcNEd/Tyt8lyC38J5QCdGLCX 9aHS0Eesr/nuJO4xqKNOx04= =vlKa -----END PGP SIGNATURE----- ------- Additional Comments From marcdeslauriers 2005-03-02 16:39:00 ---- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I did QA on the new packages: 2e8fce19ea58a7c1957d866afdbaa3656202e463 dhcp-2.0pl5-8.1.legacy.src.rpm - - Source files match previous release - - Patch file matches upstream - - Spec file changes are good +PUBLISH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCJni5LMAs/0C4zNoRAtF9AJoD/AmPU92tlGA1kAYk+Q/icKussQCgppjJ tCrfK+J5xYYPX1qJBxltz8E= =NaCG -----END PGP SIGNATURE----- ------- Additional Comments From marcdeslauriers 2005-03-05 04:55:56 ---- Packages were pushed to updates-testing ------- Bug moved to this database by dkl 2005-03-30 18:29 ------- This bug previously known as bug 2251 at https://bugzilla.fedora.us/ https://bugzilla.fedora.us/show_bug.cgi?id=2251 Originally filed under the Fedora Legacy product and Package request component. Unknown priority P2. Setting to default priority "normal". Unknown platform PC. Setting to default platform "All". Setting qa contact to the default for this product. This bug either had no qa contact or an invalid one.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Quick test on RHL73. After the upgrade, DHCP client still seems to work as normal. +VERIFY RHL73 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFCwmKKGHbTkzxSL7QRAh0BAKCvMCeniTkmLD0W2miGEkpECDwoxQCgj39P npXfDM+v8ReqQtGqULQG6YY= =F6JQ -----END PGP SIGNATURE-----
Packages were officially released.