-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2011:128 http://www.mandriva.com/security/ _______________________________________________________________________ Package : dhcp Date : August 18, 2011 Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been discovered and corrected in dhcp: The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet (CVE-2011-2748). The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet (CVE-2011-2749). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: dda862ad08cb6af3d2c56f00caec8c77 2009.0/i586/dhcp-client-4.1.2-0.5mdv2009.0.i586.rpm 74a12d5a8bb25e3dc7b05e414a266721 2009.0/i586/dhcp-common-4.1.2-0.5mdv2009.0.i586.rpm da73a63834a47bf8dffeb723a096ad87 2009.0/i586/dhcp-devel-4.1.2-0.5mdv2009.0.i586.rpm b8f966492c0768a5b07b9f7d4f3b776e 2009.0/i586/dhcp-doc-4.1.2-0.5mdv2009.0.i586.rpm 5193c66ea505dd58af855fab116c9d3e 2009.0/i586/dhcp-relay-4.1.2-0.5mdv2009.0.i586.rpm 5446bf09ef2d59e8f1fa17f49aea33b0 2009.0/i586/dhcp-server-4.1.2-0.5mdv2009.0.i586.rpm 1e32ea7b2d129fce3902f8d7d3fc7198 2009.0/SRPMS/dhcp-4.1.2-0.5mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: eda9fbd8b6bee2648b34b5f2b6458c1c 2009.0/x86_64/dhcp-client-4.1.2-0.5mdv2009.0.x86_64.rpm df4862238668c0077b98b2b03173ccba 2009.0/x86_64/dhcp-common-4.1.2-0.5mdv2009.0.x86_64.rpm 901134adffc97d090eb365d0b5e799a3 2009.0/x86_64/dhcp-devel-4.1.2-0.5mdv2009.0.x86_64.rpm 9598ee3d8f8ca49e8a8aeef9e8f943ac 2009.0/x86_64/dhcp-doc-4.1.2-0.5mdv2009.0.x86_64.rpm bb8326601929f31c65dcbaaf0ca0946c 2009.0/x86_64/dhcp-relay-4.1.2-0.5mdv2009.0.x86_64.rpm 7733076ab3269f345b28182a183052f9 2009.0/x86_64/dhcp-server-4.1.2-0.5mdv2009.0.x86_64.rpm 1e32ea7b2d129fce3902f8d7d3fc7198 2009.0/SRPMS/dhcp-4.1.2-0.5mdv2009.0.src.rpm Mandriva Linux 2010.1: 6e2ddb421bf4626a15a52dfb0521b37c 2010.1/i586/dhcp-client-4.1.2-0.5mdv2010.2.i586.rpm 76211a724db2990e07856a9bd6dcbaea 2010.1/i586/dhcp-common-4.1.2-0.5mdv2010.2.i586.rpm 260b5ddff40f7be3bbdda4c00d658a46 2010.1/i586/dhcp-devel-4.1.2-0.5mdv2010.2.i586.rpm 63042fe8a76cc5ec84079803bed66d5f 2010.1/i586/dhcp-doc-4.1.2-0.5mdv2010.2.i586.rpm 99d648dcb18a0d1727d997fe8f2fed7e 2010.1/i586/dhcp-relay-4.1.2-0.5mdv2010.2.i586.rpm de21e38b29447cbac0d5414be9fa784c 2010.1/i586/dhcp-server-4.1.2-0.5mdv2010.2.i586.rpm 41c369066c2bfedc5be7b163e0e6b690 2010.1/SRPMS/dhcp-4.1.2-0.5mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: f963b8fff5d6632c70630da8ed2570dc 2010.1/x86_64/dhcp-client-4.1.2-0.5mdv2010.2.x86_64.rpm dad1f03e73457cead695da4e865b039b 2010.1/x86_64/dhcp-common-4.1.2-0.5mdv2010.2.x86_64.rpm 7f9ffea345996ce41204c8f38470f0b3 2010.1/x86_64/dhcp-devel-4.1.2-0.5mdv2010.2.x86_64.rpm 80a5f8a1104dc51fd85325b149320958 2010.1/x86_64/dhcp-doc-4.1.2-0.5mdv2010.2.x86_64.rpm 459759b5aaa4fa905f2066317b1c25a9 2010.1/x86_64/dhcp-relay-4.1.2-0.5mdv2010.2.x86_64.rpm 78a70cc56c46e6891e1d650231424684 2010.1/x86_64/dhcp-server-4.1.2-0.5mdv2010.2.x86_64.rpm 41c369066c2bfedc5be7b163e0e6b690 2010.1/SRPMS/dhcp-4.1.2-0.5mdv2010.2.src.rpm Corporate 4.0: 363495c22840f39f7f002b4c38cbd174 corporate/4.0/i586/dhcp-client-4.1.2-0.5.20060mlcs4.i586.rpm a1cb7ec82ea1729e28485cfca956b5ba corporate/4.0/i586/dhcp-common-4.1.2-0.5.20060mlcs4.i586.rpm e5316e5ed2ba9c5e76f8deff847a9ce2 corporate/4.0/i586/dhcp-devel-4.1.2-0.5.20060mlcs4.i586.rpm ced770e7a2ae540efe90e151a84fa008 corporate/4.0/i586/dhcp-doc-4.1.2-0.5.20060mlcs4.i586.rpm f78e1cabac3c9ace1228adc169b3d3d7 corporate/4.0/i586/dhcp-relay-4.1.2-0.5.20060mlcs4.i586.rpm 1a4993e7c92a949c81f73462486e074e corporate/4.0/i586/dhcp-server-4.1.2-0.5.20060mlcs4.i586.rpm 69dfd1ea276880ae59f7aa1028843792 corporate/4.0/SRPMS/dhcp-4.1.2-0.5.20060mlcs4.src.rpm Corporate 4.0/X86_64: ccdd99dfef9bfdb5c05df35d8661fd5c corporate/4.0/x86_64/dhcp-client-4.1.2-0.5.20060mlcs4.x86_64.rpm 681b2bcaba8b65e4225f720b3b399e56 corporate/4.0/x86_64/dhcp-common-4.1.2-0.5.20060mlcs4.x86_64.rpm b9ee098233d7b73c7c0f20faa81ac46b corporate/4.0/x86_64/dhcp-devel-4.1.2-0.5.20060mlcs4.x86_64.rpm c91cffe785e0a716f6970b1dbdce8feb corporate/4.0/x86_64/dhcp-doc-4.1.2-0.5.20060mlcs4.x86_64.rpm 9fbc7814aef5891aedb6530955aa3e85 corporate/4.0/x86_64/dhcp-relay-4.1.2-0.5.20060mlcs4.x86_64.rpm 0cc7f4b1eb100db2fb16f2b53a91ab2a corporate/4.0/x86_64/dhcp-server-4.1.2-0.5.20060mlcs4.x86_64.rpm 69dfd1ea276880ae59f7aa1028843792 corporate/4.0/SRPMS/dhcp-4.1.2-0.5.20060mlcs4.src.rpm Mandriva Enterprise Server 5: ab0b7aa49c12b8c6acd50bd000ffcc33 mes5/i586/dhcp-client-4.1.2-0.5mdvmes5.2.i586.rpm a28fbd774ff88de36312ba01a09d0e66 mes5/i586/dhcp-common-4.1.2-0.5mdvmes5.2.i586.rpm de6e263c8ada2e393c9e2c5eea479feb mes5/i586/dhcp-devel-4.1.2-0.5mdvmes5.2.i586.rpm 979061b018262ee4cc32445ac231beb0 mes5/i586/dhcp-doc-4.1.2-0.5mdvmes5.2.i586.rpm c9ae8d8e66e350d772a5571f40b94202 mes5/i586/dhcp-relay-4.1.2-0.5mdvmes5.2.i586.rpm 1eedde1150fb9c40a90845042c31a254 mes5/i586/dhcp-server-4.1.2-0.5mdvmes5.2.i586.rpm 8c6cd539abb27fd8180176e25699bcb1 mes5/SRPMS/dhcp-4.1.2-0.5mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 3ba038548a1a0984c9a479f50298a7ee mes5/x86_64/dhcp-client-4.1.2-0.5mdvmes5.2.x86_64.rpm c003f2d1327eaa9e47dbf6abce537710 mes5/x86_64/dhcp-common-4.1.2-0.5mdvmes5.2.x86_64.rpm d873f5921673222b1cc078e27c7d6d57 mes5/x86_64/dhcp-devel-4.1.2-0.5mdvmes5.2.x86_64.rpm dd083b8e57ad9016aaa398bf1890e355 mes5/x86_64/dhcp-doc-4.1.2-0.5mdvmes5.2.x86_64.rpm 0067fc25a97ea655786598baf0620eb9 mes5/x86_64/dhcp-relay-4.1.2-0.5mdvmes5.2.x86_64.rpm 9c9f19f769d6a6332895a0a6529c7e15 mes5/x86_64/dhcp-server-4.1.2-0.5mdvmes5.2.x86_64.rpm 8c6cd539abb27fd8180176e25699bcb1 mes5/SRPMS/dhcp-4.1.2-0.5mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFOTOxVmqjQ0CJFipgRAorWAKC6Rug8CkLGlW9N7D0OkQEwDouL6ACgqTSk CwIiGt7snxBd0tSPM7xcP9U= =crBj -----END PGP SIGNATURE-----