2018-03-08 - email@example.com
- Update to dhcp-4.3.6-P1:
* CVE-2018-5733, bsc#1083303: reference count overflow in dhcpd.
* CVE-2018-5732, bsc#1083302: buffer overflow bug in dhclient.
* Plugged a socket descriptor leak in OMAPI
* The server now allows the client identifier (option 61) to own
leases in more than one subnet concurrently [ISC-Bugs #41358].
* When replying to a DHCPINFORM, the server will now include
options specified at the pool scope, provided the ciaddr field
of the DHCPINFORM is populated.
[ISC-Bugs #43219] [ISC-Bugs #45051].
* When memory allocation fails in a repeated way the process
writes "Run out of memory." on the standard error and exists
with status 1 [ISC-Bugs #32744].
* The new lmdb (Lightning Memory DataBase) bind9 configure
option is now disabled by default to avoid the presence of
this library to be detected which can lead to a link failure.
* The linux interface discovery code has been modified to use
getifaddrs() as is done for BSD and OS-X.
[ISC-Bugs #28761] and others.
* Fixed a bug in OMAPI that causes omshell to crash when a
name-value pair with a zero length value is shipped in an
object [ISC-Bugs #29108].
* On 64-bit platforms, dhclient now generates the correct value
for the script environment variable, "expiry", the lease
expiry value exceeds 0x7FFFFFFF [ISC-Bugs #43326].
* Common timer logic was modified to cap the maximum timeout
values at 0x7FFFFFFF - 1 [ISC-Bugs #28038].
* DHCP6 FQDN option unpacking code now correctly handles values
that contain spaces, special, or non-printable characters.
* When running in -6 mode, dhclient can enforce the require
option statement and will discard offered leases that do not
contain all the required options specified in the client
configuration [ISC-Bugs #41473].
* Altered DHCPv4 lease time calculation to avoid roll over
errors on 64-bit OS systems when using -1 or large values
for default-lease-time [ISC-Bugs #41976],
* Added --dad-wait-time parameter to dhclient [ISC-Bugs #36169].
* The server nows checks both the address and length of a
prefix delegation when attempting to match it to a prefix
pool [ISC-Bugs #35378].
* Modified DDNS support initialization such that DNS related
ports will only be opened by the server (dhcpd) at startup
if ddns-update-style is not "none"; by dhclient only if and
when the it first attempts an update; and never by dhcrelay.
[ISC-Bugs #45290] [ISC-Bugs #33377]
* Added error logging to two memory allocation failure checks.
* Corrected a dhclient -6 issue that caused the client to crash
with an "Impossible condition" error after de-preferencing its
only IA binding [ISC-Bugs #44373].
* By defining CALL_SCRIPT_ON_ONETRY_FAIL in includes/site.h,
dhclient will now call the script with reason set to FAIL when
run with -1 (one try) and there are no server responses.
* The server now detects failover peers that are not referenced
in at least one pool when run with the command line option for
test mode, -T [ISC-Bugs #29892].
* Linux script updated [ISC-bugs #19430] [ISC-bugs #18111].
* Changed severity of the log message indicating UDP checksum
errors in the received packets from 'info' to 'debug'.
* Corrected a bug which could cause the server to sporadically
crash while loading lease files with the lease-id-format is
set to "hex" [ISC-Bugs #43185].
- Obsoleted patches:
2018-01-19 - firstname.lastname@example.org
- Optimized if and when DNS client context and ports
are initted (bsc#1073935)