| |||||||||||||||||||
Mageia alert MGASA-2013-0106 (dhcp)
MGASA-2013-0106 Date: April 4th, 2013 Affected releases: 2 Media: Core Description: Updated dhcp packages fix security vulnerability: Exploitation of a memory exhaustion bug in libdns is theoretically possible in ISC DHCP before 4.2.5-P1, which uses the library from BIND 9 for Dynamic DNS. Servers which are targeted by a successful attack will exhaust all memory available to the server process, which is likely to crash the DHCP server and may affect other processes running on the same physical machine when system memory is exhausted (CVE-2013-2494). Updated Packages: i586: dhcp-client-4.2.5P1-1.mga2.i586.rpm dhcp-common-4.2.5P1-1.mga2.i586.rpm dhcp-devel-4.2.5P1-1.mga2.i586.rpm dhcp-doc-4.2.5P1-1.mga2.i586.rpm dhcp-relay-4.2.5P1-1.mga2.i586.rpm dhcp-server-4.2.5P1-1.mga2.i586.rpm dhcp-debug-4.2.5P1-1.mga2.i586.rpm x86_64: dhcp-client-4.2.5P1-1.mga2.x86_64.rpm dhcp-common-4.2.5P1-1.mga2.x86_64.rpm dhcp-devel-4.2.5P1-1.mga2.x86_64.rpm dhcp-doc-4.2.5P1-1.mga2.x86_64.rpm dhcp-relay-4.2.5P1-1.mga2.x86_64.rpm dhcp-server-4.2.5P1-1.mga2.x86_64.rpm dhcp-debug-4.2.5P1-1.mga2.x86_64.rpm SRPMS: dhcp-4.2.5P1-1.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2494 https://kb.isc.org/article/AA-00880 https://kb.isc.org/article/AA-00891 https://bugs.mageia.org/show_bug.cgi?id=9547 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||