Bug 227135 - net-misc/dhcp <3.1.1 dhcp-max-message-size DoS (CVE-2007-0062)
|
Bug#:
227135
(CVE-2007-0062)
|
Product: Gentoo Security
|
Version: unspecified
|
Platform: All
|
|
OS/Version: All
|
Status: RESOLVED
|
Severity: normal
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: davidepesa@gmail.com
|
|
Component: Vulnerabilities
|
|
|
URL:
http://www.isc.org/index.pl?/sw/dhcp/
|
|
Summary: net-misc/dhcp <3.1.1 dhcp-max-message-size DoS (CVE-2007-0062)
|
|
Keywords:
|
|
Status Whiteboard: A3 [glsa]
|
|
Opened: 2008-06-15 10:48 0000
|
Just having 3.1.1 in portage should be enough.
The changelog mentions:
"Fixed a buffer overflow error which could have allowed a denial of service
under unusual server configurations."
I don't know if this could be seen as a security bug...
Server DoS is security relevant I think.
Arches please test and mark stable 3.1.1 as it resolves a DoS through buffer
overflow (alledgedly can only be triggered under "unusual server
configurations").
