Univention Bugzilla – Bug 55270
isc-dhcp: Multiple issues (5.0)
Last modified: 2022-10-20 13:41:17 CEST
New Debian isc-dhcp 4.4.1-2+deb10u2A~5.0.2.202210170847 fixes: This update addresses the following issues: * option refcount overflow when leasequery is enabled leading to dhcpd abort (CVE-2022-2928) * DHCP memory leak (CVE-2022-2929)
--- mirror/ftp/pool/main/i/isc-dhcp/isc-dhcp_4.4.1-2+deb10u1A~5.0.0.202106210952.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/isc-dhcp_4.4.1-2+deb10u2A~5.0.2.202210170847.dsc @@ -1,4 +1,4 @@ -4.4.1-2+deb10u1A~5.0.0.202106210952 [Mon, 21 Jun 2021 09:52:57 +0200] Univention builddaemon <buildd@univention.de>: +4.4.1-2+deb10u2A~5.0.2.202210170847 [Mon, 17 Oct 2022 08:48:16 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 10_fix_28139_ranges @@ -9,6 +9,12 @@ 30_policy 30_policy +4.4.1-2+deb10u2 [Tue, 11 Oct 2022 04:00:05 +0530] Utkarsh Gupta <utkarsh@debian.org>: + + * Non-maintainer upload by the LTS team. (Closes: #1021320) + * An option refcount overflow exists in dhcpd. (Fixes: CVE-2022-2928) + * DHCP memory leak. (Fixes: CVE-2022-2929) + 4.4.1-2+deb10u1 [Thu, 03 Jun 2021 12:59:09 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload. <http://piuparts.knut.univention.de/5.0-2/#4772527862684798701>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 7528401cb3 Bug #55270: isc-dhcp 4.4.1-2+deb10u2A~5.0.2.202210170847 doc/errata/staging/isc-dhcp.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) [5.0-2] d349447868 Bug #55270: isc-dhcp 4.4.1-2+deb10u2A~5.0.2.202210170847 doc/errata/staging/isc-dhcp.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x463>