PDA

Afficher la version complète : Mise a jour de sécurité sur dhcp 11.4,12.1,12.2



jluce
27/09/2012, 11h40
openSUSE 12.2:

openSUSE Security Update: dhcp
__________________________________________________ ____________________________

Announcement ID: openSUSE-SU-2012:1234-1
Rating: moderate
References: #780167
Cross-References: CVE-2012-3955
Affected Products:
openSUSE 12.2
__________________________________________________ ____________________________

An update that fixes one vulnerability is now available.

Description:


- Update to ISC dhcp-4.2.4-P2 release, providing a security
fix for an issue with the use of lease times was found
and fixed. Making certain changes to the end time of an
IPv6 lease could cause the server to abort. Thanks to
Glen Eustace of Massey University, New Zealand for
finding this issue. ([ISC-Bugs #30281], CVE:
CVE-2012-3955, bnc#780167)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2012-629

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.2 (i586 x86_64):

dhcp-4.2.4.P2-0.1.4.1
dhcp-client-4.2.4.P2-0.1.4.1
dhcp-client-debuginfo-4.2.4.P2-0.1.4.1
dhcp-debuginfo-4.2.4.P2-0.1.4.1
dhcp-debugsource-4.2.4.P2-0.1.4.1
dhcp-devel-4.2.4.P2-0.1.4.1
dhcp-doc-4.2.4.P2-0.1.4.1
dhcp-relay-4.2.4.P2-0.1.4.1
dhcp-relay-debuginfo-4.2.4.P2-0.1.4.1
dhcp-server-4.2.4.P2-0.1.4.1
dhcp-server-debuginfo-4.2.4.P2-0.1.4.1


References:

http://support.novell.com/security/cve/CVE-2012-3955.html
https://bugzilla.novell.com/780167

openSUSE 12.1:

openSUSE Security Update: dhcp
__________________________________________________ ____________________________

Announcement ID: openSUSE-SU-2012:1252-1
Rating: moderate
References: #780167
Cross-References: CVE-2012-3955
Affected Products:
openSUSE 12.1
__________________________________________________ ____________________________

An update that fixes one vulnerability is now available.

Description:


- Update to ISC dhcp-4.2.4-P2 release, providing a security
fix for an issue with the use of lease times was found
and fixed. Making certain changes to the end time of an
IPv6 lease could cause the server to abort. Thanks to
Glen Eustace of Massey University, New Zealand for
finding this issue. ([ISC-Bugs #30281], CVE:
CVE-2012-3955, bnc#780167)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-643

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.1 (i586 x86_64):

dhcp-4.2.4.P2-0.6.13.1
dhcp-client-4.2.4.P2-0.6.13.1
dhcp-client-debuginfo-4.2.4.P2-0.6.13.1
dhcp-debuginfo-4.2.4.P2-0.6.13.1
dhcp-debugsource-4.2.4.P2-0.6.13.1
dhcp-devel-4.2.4.P2-0.6.13.1
dhcp-doc-4.2.4.P2-0.6.13.1
dhcp-relay-4.2.4.P2-0.6.13.1
dhcp-relay-debuginfo-4.2.4.P2-0.6.13.1
dhcp-server-4.2.4.P2-0.6.13.1
dhcp-server-debuginfo-4.2.4.P2-0.6.13.1


References:

http://support.novell.com/security/cve/CVE-2012-3955.html
https://bugzilla.novell.com/780167

openSUSE 11.4:

openSUSE Security Update: dhcp
__________________________________________________ ____________________________

Announcement ID: openSUSE-SU-2012:1254-1
Rating: moderate
References: #780167
Cross-References: CVE-2012-3955
Affected Products:
openSUSE 11.4
__________________________________________________ ____________________________

An update that fixes one vulnerability is now available.

Description:


- Update to ISC dhcp-4.2.4-P2 release, providing a security
fix for an issue with the use of lease times was found
and fixed. Making certain changes to the end time of an
IPv6 lease could cause the server to abort. Thanks to
Glen Eustace of Massey University, New Zealand for
finding this issue. ([ISC-Bugs #30281], CVE:
CVE-2012-3955, bnc#780167)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch openSUSE-2012-642

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586 x86_64):

dhcp-4.2.4.P2-0.30.1
dhcp-client-4.2.4.P2-0.30.1
dhcp-client-debuginfo-4.2.4.P2-0.30.1
dhcp-debuginfo-4.2.4.P2-0.30.1
dhcp-debugsource-4.2.4.P2-0.30.1
dhcp-devel-4.2.4.P2-0.30.1
dhcp-doc-4.2.4.P2-0.30.1
dhcp-relay-4.2.4.P2-0.30.1
dhcp-relay-debuginfo-4.2.4.P2-0.30.1
dhcp-server-4.2.4.P2-0.30.1
dhcp-server-debuginfo-4.2.4.P2-0.30.1


References:

http://support.novell.com/security/cve/CVE-2012-3955.html
https://bugzilla.novell.com/780167