Skip to content
Unverified Commit e6e3270b authored by Andreas Rammhold's avatar Andreas Rammhold
Browse files

kea: 1.5.0 -> 1.5.0-P1 (security) 

Fixes:

* CVE-2019-6472 affects the Kea DHCPv6 server, which can exit
  with an assertion failure if the DHCPv6 server process receives
  a request containing DUID value which is too large.
  (https://kb.isc.org/docs/cve-2019-6474)

* CVE-2019-6473 affects the Kea DHCPv4 server, which can exit with
  an assertion failure if it receives a packed containing a malformed
  option.  (https://kb.isc.org/docs/cve-2019-6473)

* CVE-2019-6474 can cause a condition where the server cannot be
  restarted without manual operator intervention to correct a problem
  that can be deliberately introduced into the stored leases.
  CVE-2019-6474 can only affect servers which are using memfile
  for lease storage.  (https://kb.isc.org/docs/cve-2019-6474)

Annoucement: https://www.openwall.com/lists/oss-security/2019/08/29/1
parent be075ed3
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment