dhcp-4.3.3.P1-3.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10358-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z dhcp-4.3.3.P1-3.1 on GA media These are all security issues fixed in the dhcp-4.3.3.P1-3.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10358 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-1892/ SUSE CVE CVE-2009-1892 page https://www.suse.com/security/cve/CVE-2010-2156/ SUSE CVE CVE-2010-2156 page https://www.suse.com/security/cve/CVE-2010-3611/ SUSE CVE CVE-2010-3611 page https://www.suse.com/security/cve/CVE-2010-3616/ SUSE CVE CVE-2010-3616 page https://www.suse.com/security/cve/CVE-2011-0413/ SUSE CVE CVE-2011-0413 page https://www.suse.com/security/cve/CVE-2011-0997/ SUSE CVE CVE-2011-0997 page https://www.suse.com/security/cve/CVE-2011-2748/ SUSE CVE CVE-2011-2748 page https://www.suse.com/security/cve/CVE-2011-2749/ SUSE CVE CVE-2011-2749 page https://www.suse.com/security/cve/CVE-2011-4539/ SUSE CVE CVE-2011-4539 page https://www.suse.com/security/cve/CVE-2011-4868/ SUSE CVE CVE-2011-4868 page https://www.suse.com/security/cve/CVE-2012-3570/ SUSE CVE CVE-2012-3570 page https://www.suse.com/security/cve/CVE-2012-3571/ SUSE CVE CVE-2012-3571 page https://www.suse.com/security/cve/CVE-2012-3954/ SUSE CVE CVE-2012-3954 page https://www.suse.com/security/cve/CVE-2012-3955/ SUSE CVE CVE-2012-3955 page https://www.suse.com/security/cve/CVE-2013-2266/ SUSE CVE CVE-2013-2266 page https://www.suse.com/security/cve/CVE-2015-8605/ SUSE CVE CVE-2015-8605 page openSUSE Tumbleweed dhcp-4.3.3.P1-3.1 dhcp-client-4.3.3.P1-3.1 dhcp-devel-4.3.3.P1-3.1 dhcp-doc-4.3.3.P1-3.1 dhcp-relay-4.3.3.P1-3.1 dhcp-server-4.3.3.P1-3.1 dhcp-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcp-client-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcp-devel-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcp-doc-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcp-relay-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcp-server-4.3.3.P1-3.1 as a component of openSUSE Tumbleweed dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests. CVE-2009-1892 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-1892.html CVE-2009-1892 https://bugzilla.suse.com/519413 SUSE Bug 519413 ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID. CVE-2010-2156 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-2156.html CVE-2010-2156 https://bugzilla.suse.com/612546 SUSE Bug 612546 ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field. CVE-2010-3611 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-3611.html CVE-2010-3611 https://bugzilla.suse.com/650902 SUSE Bug 650902 https://bugzilla.suse.com/667655 SUSE Bug 667655 ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520. CVE-2010-3616 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-3616.html CVE-2010-3616 https://bugzilla.suse.com/659059 SUSE Bug 659059 The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. CVE-2011-0413 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-0413.html CVE-2011-0413 https://bugzilla.suse.com/667655 SUSE Bug 667655 https://bugzilla.suse.com/680298 SUSE Bug 680298 dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. CVE-2011-0997 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-0997.html CVE-2011-0997 https://bugzilla.suse.com/675052 SUSE Bug 675052 https://bugzilla.suse.com/689182 SUSE Bug 689182 https://bugzilla.suse.com/708527 SUSE Bug 708527 https://bugzilla.suse.com/715172 SUSE Bug 715172 The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. CVE-2011-2748 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-2748.html CVE-2011-2748 https://bugzilla.suse.com/712653 SUSE Bug 712653 The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. CVE-2011-2749 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-2749.html CVE-2011-2749 https://bugzilla.suse.com/712653 SUSE Bug 712653 dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. CVE-2011-4539 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-4539.html CVE-2011-4539 https://bugzilla.suse.com/735610 SUSE Bug 735610 https://bugzilla.suse.com/741239 SUSE Bug 741239 The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. CVE-2011-4868 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-4868.html CVE-2011-4868 https://bugzilla.suse.com/741239 SUSE Bug 741239 Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter. CVE-2012-3570 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5.7 AV:A/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3570.html CVE-2012-3570 https://bugzilla.suse.com/772924 SUSE Bug 772924 ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. CVE-2012-3571 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 6.1 AV:A/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3571.html CVE-2012-3571 https://bugzilla.suse.com/772924 SUSE Bug 772924 Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. CVE-2012-3954 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3954.html CVE-2012-3954 https://bugzilla.suse.com/772924 SUSE Bug 772924 ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. CVE-2012-3955 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-3955.html CVE-2012-3955 https://bugzilla.suse.com/780167 SUSE Bug 780167 libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. CVE-2013-2266 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2266.html CVE-2013-2266 https://bugzilla.suse.com/811876 SUSE Bug 811876 https://bugzilla.suse.com/811934 SUSE Bug 811934 ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. CVE-2015-8605 openSUSE Tumbleweed:dhcp-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-client-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-devel-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-doc-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-relay-4.3.3.P1-3.1 openSUSE Tumbleweed:dhcp-server-4.3.3.P1-3.1 moderate 5.7 AV:A/AC:M/Au:N/C:N/I:N/A:C 5.7 AV:A/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8605.html CVE-2015-8605 https://bugzilla.suse.com/961305 SUSE Bug 961305