Advisories ยป MGASA-2016-0028

Updated dhcp packages fix security vulnerability

Publication date: 20 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8605

Description

A badly formed packet with an invalid IPv4 UDP length field can cause an
ISC DHCP server, client, or relay program to terminate abnormally
(CVE-2015-8605).

The dhcp package has been updated to version 4.3.3-P1, which fixes this
issue and several other bugs.

Also, the package has also been enhanced to provide better support for
running a DHCPv6 server (mga#17177).
                

References

SRPMS

5/core