CVE-2012-3954 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3954): Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
CVE-2012-3571 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3571): ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
CVE-2012-3570 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3570): Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
+*dhcp-4.2.4_p1 (26 Jul 2012) + + 26 Jul 2012; Tony Vroon <chainsaw@gentoo.org> +dhcp-4.2.4_p1.ebuild: + Security upgrade addressing an IPv6-only buffer overflow (CVE-2012-3570), + remotely triggerable infinite loop (CVE-2012-3571) and remotely triggerable + memory leaks (CVE-2012-3954). Arches, please test and mark stable. Target KEYWORDS="alpha amd64 arm hppa ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
amd64 stable
x86: ok
compile: everything fine (with specific USE flags also without problems)
repoman: no complaints for this version
run: ok (I have a dhcp setting in my net file, and my net.eth0 interface starts without problems)
Please mark stable for x86.
x86 stable. Thanks Mikle.
Arch teams, please test and mark stable: =net-misc/dhcp-4.2.4_p1
Stable for HPPA.
arm stable
ppc done
alpha/s390/sh/sparc stable
ppc64 stable, last arch done
Thanks, everyone. Already on existing GLSA draft.
This issue was resolved and addressed in GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml by GLSA coordinator Stefan Behte (craig).