From dhcp-announce: New versions of ISC DHCP are available, containing fixes for CVE-2022-2928 and CVE-2022-2929, about which more information is provided in the ISC Knowledge Base: https://kb.isc.org/docs/cve-2022-2928 https://kb.isc.org/docs/cve-2022-2929 Downloads are available via the ISC download page: https://www.isc.org/download#DHCP and release notes for the updated releases can be viewed via these links: 4.4.3-P1: https://downloads.isc.org/isc/dhcp/4.4.3-P1/dhcp-4.4.3-P1-RELNOTES 4.1-ESV-R16-P2: https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P2/dhcp-4.1-ESV-R16-P2-RELNOTES
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef7d8760852c160b5e3714fe0118c1db75540dd5 commit ef7d8760852c160b5e3714fe0118c1db75540dd5 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-10-05 19:20:01 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-10-05 19:20:33 +0000 net-misc/dhcp: add 4.4.3_p1 Bug: https://bugs.gentoo.org/875521 Signed-off-by: Sam James <sam@gentoo.org> net-misc/dhcp/Manifest | 1 + net-misc/dhcp/dhcp-4.4.3_p1.ebuild | 294 +++++++++++++++++++++++++++++++++++++ 2 files changed, 295 insertions(+)
Also note: NOTE: This software is now End-Of-Life. 4.4.3 is the final release planned. We will continue to keep the public issue tracker and user mailing list open.
Please cleanup
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6b6755d0c062900a0c55af126119728c402c02d commit b6b6755d0c062900a0c55af126119728c402c02d Author: David Seifert <soap@gentoo.org> AuthorDate: 2022-10-14 18:25:25 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2022-10-14 18:25:25 +0000 net-misc/dhcp: drop 4.4.2_p1-r2, 4.4.3-r1 Bug: https://bugs.gentoo.org/875521 Signed-off-by: David Seifert <soap@gentoo.org> net-misc/dhcp/Manifest | 2 - net-misc/dhcp/dhcp-4.4.2_p1-r2.ebuild | 285 -------------------- net-misc/dhcp/dhcp-4.4.3-r1.ebuild | 294 --------------------- net-misc/dhcp/files/dhcp-4.4.0-bind-disable.patch | 22 -- net-misc/dhcp/files/dhcp-4.4.2-fno-common.patch | 34 --- net-misc/dhcp/files/dhcp-4.4.2-variable-name.patch | 25 -- 6 files changed, 662 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=516446058bf5c37647ce7dfc2922a56aeaee107e commit 516446058bf5c37647ce7dfc2922a56aeaee107e Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-05-03 10:32:25 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:33:45 +0000 [ GLSA 202305-22 ] ISC DHCP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/792324 Bug: https://bugs.gentoo.org/875521 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-22.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+)