Description A security issue has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). The security issue is caused due to an error when handling the expiration time of an active IPv6 lease and may result in a server crash if the lease time is reduced. The security issue is reported in versions 4.1.x and 4.2.x. Solution Update to version 4.1-ESV-R7 or 4.2.4-P2.
CVE-2012-3955 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3955): ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
4.2.4_p2 is in the tree
Arch teams, please test and mark stable: =net-misc/dhcp-4.2.4_p2 Target keywords : "alpha amd64 arm hppa ppc ppc64 s390 sh sparc x86"
amd64: ok
Stable for HPPA.
arm stable
x86 done.
amd64 stable
stable ppc ppc64
alpha/s390/sh/sparc stable
Thanks, everyone. Adding to existing GLSA draft.
This issue was resolved and addressed in GLSA 201301-06 at http://security.gentoo.org/glsa/glsa-201301-06.xml by GLSA coordinator Stefan Behte (craig).