Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 599066 - ISC DHCP 4.1.1-P1 contains a pair of bug fixes including one for a security related bug
Summary: ISC DHCP 4.1.1-P1 contains a pair of bug fixes including one for a security r...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: dhcp
Version: 6.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Jiri Popelka
QA Contact: Release Test Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-06-02 15:45 UTC by Jiri Popelka
Modified: 2010-11-10 20:11 UTC (History)
3 users (show)

Fixed In Version: dhcp-4.1.1-11.P1.el6
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-11-10 20:11:52 UTC
Target Upstream Version:


Attachments (Terms of Use)
Fixes for [ISC-Bugs #21152] and [ISC-Bugs #21253] (deleted)
2010-06-02 15:45 UTC, Jiri Popelka
jpopelka: review? (vcrhonek)
Details | Diff

Description Jiri Popelka 2010-06-02 15:45:55 UTC
Created attachment 419080 [details]
Fixes for [ISC-Bugs #21152] and [ISC-Bugs #21253]

ISC DHCP 4.1.1-P1 is a patch release of ISC DHCP 4.1.1,
which contains a pair of bug fixes including
one for a security related bug.

http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES
- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
  previously allocated (active) lease to a client that has changed subnets,
  despite being on different shared networks.  Dynamic prefixes specifically
  allocated in shared networks also now are not offered if the client has
  moved.  [ISC-Bugs #21152]

! Accept a client id of length 0 while hashing.  Previously the server would
  exit if it attempted to hash a zero length client id, providing attackers
  with a simple denial of service attack.  [ISC-Bugs #21253]

Version-Release number of selected component (if applicable):
dhcp-4.1.1-10.el6

Comment 1 RHEL Product and Program Management 2010-06-02 15:50:31 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 2 Jiri Popelka 2010-06-02 17:50:03 UTC
I'm not sure how to reproduce those two bugs.
I was unsuccessful in configuring client to send zero length client ID ([ISC-Bugs #21253]).
Putting 
send dhcp-client-identifier "";
or something similar into dhclient.conf doesn't work.

Additional info:
https://lists.isc.org/pipermail/dhcp-announce/2010-June/000285.html

Comment 6 Jiri Popelka 2010-06-04 11:37:43 UTC
Fixed in dhcp-4.1.1-11.P1.el6

http://post-office.corp.redhat.com/archives/cvs-commits-list/2010-June/msg00642.html

Comment 8 releng-rhel@redhat.com 2010-11-10 20:11:52 UTC
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.