CVS: cvs.openbsd.org: ports

Stuart Henderson Tue, 06 Mar 2018 00:57:14 -0800

CVSROOT:        /cvs
Module name:    ports
Changes by:     st...@cvs.openbsd.org   2018/03/06 01:56:37


Modified files:
        net/isc-dhcp   : Tag: OPENBSD_6_2 Makefile distinfo 
Added files:
        net/isc-dhcp/patches: Tag: OPENBSD_6_2 
                              patch-bind_bind-9_9_11-P1_lib_isc_backtrace_c 
Removed files:
        net/isc-dhcp/patches: Tag: OPENBSD_6_2 
                              patch-bind_bind-9_9_11_lib_isc_backtrace_c 

Log message:
update to ISC DHCP 4.3.6-P1

- Plugged a socket descriptor leak in OMAPI, that can occur when there is
data pending to be written to an OMAPI connection, when the connection
is closed by the reader.  [ISC-Bugs #46767]

- Corrected an issue where large sized 'X/x' format options were causing
option handling logic to overwrite memory when expanding them to human
readable form. Reported by Felix Wilhelm, Google Security Team.
[ISC-Bugs #47139] CVE: CVE-2018-5732

- Option reference count was not correctly decremented in error path
when parsing buffer for options. Reported by Felix Wilhelm, Google
Security Team.  [ISC-Bugs #47140] CVE: CVE-2018-5733

CVS: cvs.openbsd.org: ports

Reply via email to