On 23 December 2015 at 21:53, Stuart Henderson <st...@openbsd.org> wrote:
> On 2015/12/23 14:47, Patrik Lundin wrote:
>> On Wed, Dec 23, 2015 at 11:33:30AM +0000, Stuart Henderson wrote:
>> > Updated tar.gz for the 0.9.2-P1 crash fix ("Improved handling of incoming
>> > packets with invalid client-id and DUID.")
>> >
>>
>> Nice catch! I had not seen any word of this release on the kea mailing
>> lists, how did you notice it?
>
> I saw it on oss-sec first, then on ISC's security RSS feed (and as if
> to emphasize the slightly random nature of that feed it was followed
> by release notes for 0.9, 0.9.2-beta and 0.9.2 :-) I read oss-sec anyway,
> and since I maintain the BIND port I track a few places where ISC are
> likely to announce things.
>
> http://www.openwall.com/lists/oss-security/2015/12/22/11
> https://www.isc.org/?feed=security-feed
>
What would be really nice is if they described somewhere the 'crafted' packet that was blowing them up. As far as the diff goes they just wrapped try {} around the code trying to get a client identifier. So it's kinda unsatisfying as far as figuring out if our in-tree dhcpd would blow up with a similar packet. :-)

.... Ken