| Summary: | dhcp new DoS security due to socket descriptor leak in omapi (isc-bugs#46767, CVE-2017-3144) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | herman.viaene, lewyssmith, sysadmin-bugs, tarazed25 |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA5TOO MGA5-64-OK MGA5-32-OK MGA6-64-OK | ||
| Source RPM: | dhcp-4.3.5-1.mga6.src.rpm | CVE: | |
| Status comment: | |||
Description
David Walser
2017-12-15 22:31:24 CET
David Walser
2017-12-15 22:31:33 CET
Whiteboard:
(none) =>
MGA5TOO
Lewis Smith
2017-12-16 11:15:59 CET
Keywords:
(none) =>
advisory

Mageia 5 :: x86_64
Installed all packages except the server and rebooted the machine. Could not think of any other way to test the update. Nothing relevant in the services list. No networking issues either local or global.
Passing this for 64 bits on Mageia 5.

CC:
(none) =>
tarazed25
Len Lawrence
2017-12-17 13:27:01 CET
Whiteboard:
MGA5TOO =>
MGA5TOO MGA5-64-OK

For testing this, https://bugs.mageia.org/show_bug.cgi?id=17462 comments 4 & 5 look useful. If someone can say how to apply that logic to a stand-alone system with Ethernet connection to a DSL box, the interface configured as automatic everything (get from the gateway, DHCP included) - I will try this.

CC:
(none) =>
lewyssmith

@Lewis: the test you mention above is nothing more than Len just did, just a bit better explained. I couldn't think of anything better, so I did the same test without any apparent ill effects. OK for me. Can be validated for M5.

Whiteboard:
MGA5TOO MGA5-64-OK =>
MGA5TOO MGA5-64-OK MGA5-32-OK

Probing M6/64
Before the update, all pkgs were at version 4.3.5-1. Only 'common' & 'client' were installed, I added 'relay' & 'server', but clearly these are not used on my system. Updated to:
dhcp-client-4.3.5-1.1.mga6
dhcp-common-4.3.5-1.1.mga6
dhcp-relay-4.3.5-1.1.mga6
dhcp-server-4.3.5-1.1.mga6
Re-booted. dhcpd is running:
# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset
Active: active (running) since Iau 2017-12-21 14:06:22 CET; 20min ago
Process: 1428 ExecStart=/usr/sbin/dhcpd -pf /run/dhcpd/dhcpd.pid -cf $CONFIGFI
Main PID: 1589 (dhcpd)
CGroup: /system.slice/dhcpd.service
└─1589 /usr/sbin/dhcpd -pf /run/dhcpd/dhcpd.pid -cf /etc/dhcpd.conf -
Rha 21 14:06:19 localhost.localdomain systemd[1]: Starting DHCPv4 Server Daemon.
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: WARNING: Host declarations ar
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: ldap_gssapi_principal is not
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: Not searching LDAP since ldap
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: Source compiled to use binary
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: Wrote 0 deleted host decls to
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: Wrote 0 new dynamic host decl
Rha 21 14:06:20 localhost.localdomain dhcpd[1428]: Wrote 0 leases to leases file
Rha 21 14:06:22 localhost.localdomain dhcpd[1589]: Server starting service.
Rha 21 14:06:22 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
I have tried localhost and various remote (via gateway) Internet access, all going as normal. In the light of earlier comments about not being able to do much more, OKing & validating.

Keywords:
(none) =>
validated_update

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2017-0458.html

Status:
NEW =>
RESOLVED

ISC has issued an advisory for this today:
https://kb.isc.org/article/AA-01541

They finally publicly acknowledged the issue and allocated a CVE.

If someone could update the advisory in SVN with the CVE and reference, that'd be great.

Summary:
dhcp new DoS security due to socket descriptor leak in omapi (isc-bugs#46767) =>
dhcp new DoS security due to socket descriptor leak in omapi (isc-bugs#46767, CVE-2017-3144)

(In reply to David Walser from comment #6)
> https://kb.isc.org/article/AA-01541
Added to references.

> They finally publicly acknowledged the issue and allocated a CVE.
CVE-2017-3144 : Failure to properly clean up closed OMAPI connections can exhaust available sockets.

> If someone could update the advisory in SVN with the CVE and reference,
> that [woul]d be great.
Your wish is my command! Done.
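
The socket descriptor leak this bug tracks can be observed directly on a host running dhcpd, which gives a more targeted check than confirming that networking still works. The script below is an added example, not part of the original bug report or of ISC's code: it counts the socket descriptors listed under /proc/<pid>/fd and flags a series of samples that only grows. The function names, the script name, the `--watch` argument and the growth threshold of 5 are assumptions.

```bash
#!/usr/bin/env bash
# Added example: watch a dhcpd process for socket descriptors that are never released.

# Count entries in a /proc/<pid>/fd-style directory whose link target is a socket.
count_socket_fds() {
    local fd_dir n link target
    fd_dir="$1"
    n=0
    for link in "$fd_dir"/*; do
        # readlink fails for an empty directory or a descriptor closed mid-scan
        target=$(readlink "$link" 2>/dev/null) || continue
        case "$target" in
            socket:*) n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# classify_series THRESHOLD SAMPLE...
# Prints "leak" when the samples never decrease and the last exceeds the first
# by at least THRESHOLD (an assumed tuning value); otherwise prints "ok".
classify_series() {
    local threshold first prev cur
    threshold="$1"; shift
    first="$1"; prev="$1"
    for cur in "$@"; do
        if [ "$cur" -lt "$prev" ]; then
            echo "ok"; return 0
        fi
        prev="$cur"
    done
    if [ $((prev - first)) -ge "$threshold" ]; then echo "leak"; else echo "ok"; fi
}

# Live use (reading another process's /proc entry normally needs root):
#   bash omapi_fd_watch.sh --watch <dhcpd-pid> [samples] [interval-seconds]
if [ "${1:-}" = "--watch" ]; then
    pid="$2"; samples="${3:-10}"; interval="${4:-30}"; series=""; i=0
    while [ "$i" -lt "$samples" ]; do
        series="$series $(count_socket_fds "/proc/$pid/fd")"
        i=$((i + 1))
        if [ "$i" -lt "$samples" ]; then sleep "$interval"; fi
    done
    # $series is intentionally unquoted so each sample becomes one argument
    echo "socket fds:$series -> $(classify_series 5 $series)"
fi
```

Sampling before and after the update, with the same OMAPI clients connecting and disconnecting, shows whether the count returns to its baseline once connections close.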