Package "isc-dhcp"

Name: isc-dhcp


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • ISC DHCP relay daemon
  • DHCP server able to use LDAP as backend

Latest version: 4.2.4-7ubuntu12.12
Release: trusty (14.04)
Level: security
Repository: universe


Other versions of "isc-dhcp" in Trusty

Repository Area Version
base main 4.2.4-7ubuntu12
base universe 4.2.4-7ubuntu12
security main 4.2.4-7ubuntu12.12
updates universe 4.2.4-7ubuntu12.13
updates main 4.2.4-7ubuntu12.13

Packages in group

Deleted packages are displayed in grey.


Version: 4.2.4-7ubuntu12.12 2018-03-01 19:08:24 UTC

  isc-dhcp (4.2.4-7ubuntu12.12) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS via concurrent TCP sessions
    - debian/patches/CVE-2016-2774.patch: limit number of connections in
      includes/site.h, omapip/listener.c.
    - CVE-2016-2774
  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
    - CVE-2018-5733
  * This package does _not_ contain the changes from 4.2.4-7ubuntu12.11 in

 -- Marc Deslauriers <email address hidden> Thu, 01 Mar 2018 08:45:46 -0500

Source diff to previous version
CVE-2016-2774 ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attac
CVE-2017-3144 dhcp: omapi code doesn't free socket descriptors when empty message is received allowing denial-of-service
CVE-2018-5732 A specially constructed response from a malicious server can cause a buffer overflow in dhclient
CVE-2018-5733 A malicious client can overflow a reference counter in ISC dhcpd

Version: 4.2.4-7ubuntu12.4 2016-01-13 14:06:46 UTC

  isc-dhcp (4.2.4-7ubuntu12.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via incorrect UDP payload length
    - debian/patches/CVE-2015-8605.patch: properly check payload length in
    - CVE-2015-8605

 -- Marc Deslauriers Mon, 11 Jan 2016 07:56:50 -0500

CVE-2015-8605 UDP payload length not properly checked

About   -   Send Feedback to @ubuntu_updates