Slackware 1133 Published by

A dhcp security update is available for Slackware 14.0, 14.1, 14.2, 15.0, and -current.



slackware-security: dhcp (SSA:2022-278-01)



[slackware-security] dhcp (SSA:2022-278-01)

New dhcp packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/dhcp-4.4.3_P1-i586-1_slack15.0.txz: Upgraded.
This update fixes two security issues:
Corrected a reference count leak that occurs when the server builds
responses to leasequery packets.
Corrected a memory leak that occurs when unpacking a packet that has an
FQDN option (81) that contains a label with length greater than 63 bytes.
Thanks to VictorV of Cyber Kunlun Lab for reporting these issues.
For more information, see:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(  http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on   http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
  ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/dhcp-4.4.3_P1-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
  ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/dhcp-4.4.3_P1-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
  ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/dhcp-4.4.3_P1-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
  ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/dhcp-4.4.3_P1-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
  ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/dhcp-4.4.3_P1-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
  ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/dhcp-4.4.3_P1-x86_64-1_slack14.2.txz

Updated package for Slackware 15.0:
  ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/dhcp-4.4.3_P1-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
  ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/dhcp-4.4.3_P1-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
  ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcp-4.4.3_P1-i586-1.txz

Updated package for Slackware x86_64 -current:
  ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/dhcp-4.4.3_P1-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 14.0 package:
e429e8478fe65c0c181ccd02a053c108 dhcp-4.4.3_P1-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
048b1b6cf2e438616c13c8bb9a97f74a dhcp-4.4.3_P1-x86_64-1_slack14.0.txz

Slackware 14.1 package:
dd65809816162013a3fb513a178a7b35 dhcp-4.4.3_P1-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
db85a1949e4f6c8c6a856ab867e45394 dhcp-4.4.3_P1-x86_64-1_slack14.1.txz

Slackware 14.2 package:
9e0732a1ec9a45c091fc23111a164138 dhcp-4.4.3_P1-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
10c5b50ea804e6e139ad108943599ccd dhcp-4.4.3_P1-x86_64-1_slack14.2.txz

Slackware 15.0 package:
3c78b341d3af7b9770948ba98f6afac7 dhcp-4.4.3_P1-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
8c4e56a909641a3818d844bb504bd414 dhcp-4.4.3_P1-x86_64-1_slack15.0.txz

Slackware -current package:
df65be9af772690d503e2ad51848c7bf n/dhcp-4.4.3_P1-i586-1.txz

Slackware x86_64 -current package:
a86b84620a04c0171c6bf1de2a10c9c0 n/dhcp-4.4.3_P1-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg dhcp-4.4.3_P1-i586-1_slack15.0.txz

Then, restart the dhcp daemon.