Fixed upstream in 4.2.4-P2. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 https://kb.isc.org/article/AA-00779 https://kb.isc.org/article/AA-00792
Whiteboard: (none) => MGA2TOO, MGA1TOO
Updated packages uploaded for Mageia 1, Mageia 2, and Cauldron. Advisory to come. Package list: dhcp-common-4.2.4-0.P2.1.mga1 dhcp-doc-4.2.4-0.P2.1.mga1 dhcp-server-4.2.4-0.P2.1.mga1 dhcp-client-4.2.4-0.P2.1.mga1 dhcp-relay-4.2.4-0.P2.1.mga1 dhcp-devel-4.2.4-0.P2.1.mga1 dhcp-common-4.2.4P2-1.1.mga2 dhcp-doc-4.2.4P2-1.1.mga2 dhcp-server-4.2.4P2-1.1.mga2 dhcp-client-4.2.4P2-1.1.mga2 dhcp-relay-4.2.4P2-1.1.mga2 dhcp-devel-4.2.4P2-1.1.mga2 from SRPMS: dhcp-4.2.4-0.P2.1.mga1 dhcp-4.2.4P2-1.1.mga2
Version: Cauldron => 2Whiteboard: MGA2TOO, MGA1TOO => MGA1TOO
CC: (none) => oe
Advisory: ======================== Updated dhcp packages fix security vulnerability: In the ISC DHCP server, prior to 4.2.4-P2, reducing the expiration time for an active IPv6 lease may cause the server to crash (CVE-2012-3955). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 https://kb.isc.org/article/AA-00779 https://kb.isc.org/article/AA-00792 ======================== Updated packages in core/updates_testing: ======================== dhcp-common-4.2.4-0.P2.1.mga1 dhcp-doc-4.2.4-0.P2.1.mga1 dhcp-server-4.2.4-0.P2.1.mga1 dhcp-client-4.2.4-0.P2.1.mga1 dhcp-relay-4.2.4-0.P2.1.mga1 dhcp-devel-4.2.4-0.P2.1.mga1 dhcp-common-4.2.4P2-1.1.mga2 dhcp-doc-4.2.4P2-1.1.mga2 dhcp-server-4.2.4P2-1.1.mga2 dhcp-client-4.2.4P2-1.1.mga2 dhcp-relay-4.2.4P2-1.1.mga2 dhcp-devel-4.2.4P2-1.1.mga2 from SRPMS: dhcp-4.2.4-0.P2.1.mga1.src.rpm dhcp-4.2.4P2-1.1.mga2.src.rpm
Assignee: bugsquad => qa-bugs
Severity: normal => major
Testing in progress, using the procedure at https://bugs.mageia.org/show_bug.cgi?id=6872#c6
CC: (none) => davidwhodginsWhiteboard: MGA1TOO => MGA1TOO has_procedure
Testing complete on Mageia 1 and 2, x86-64 and i586. Could someone from the sysadmin team push the srpm dhcp-4.2.4P2-1.1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm dhcp-4.2.4-0.P2.1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated dhcp packages fix security vulnerability: In the ISC DHCP server, prior to 4.2.4-P2, reducing the expiration time for an active IPv6 lease may cause the server to crash (CVE-2012-3955). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 https://kb.isc.org/article/AA-00779 https://kb.isc.org/article/AA-00792 https://bugs.mageia.org/show_bug.cgi?id=7473
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure MGA1-32-OK MGA1-64-OK MGA2-32-OK MGA2-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0270
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED