Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-27.P1
Fix for CVE-2010-3611 (#649880)
Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com>
Server was ignoring client’s Solicit (where client included address/prefix as a preference) (#634842)
Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-25.P1
Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO
Fri Aug 20 2010 Jiri Popelka <jpopelka at redhat.com>
Add DHCRELAYARGS variable to /etc/sysconfig/dhcrelay
Tue Jun 29 2010 Jiri Popelka <jpopelka at redhat.com>
Fix parsing of date (#514828)
Thu Jun 3 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-22.P1
4.1.1-P1 (pair of bug fixes including one for a security related bug).
Fix for CVE-2010-2156 (#601405)
Compile with -fno-strict-aliasing
N-V-R (copied from bind.spec):
Name-Version-Release.Patch.dist
Mon May 3 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-21
Fix the initialization-delay.patch (#587070)
Thu Apr 29 2010 Jiri Popelka <jpopelka at redhat.com>
Cut down the 0-4 second delay before sending first DHCPDISCOVER (#587070)
Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com>
Move /etc/NetworkManager/dispatcher.d/10-dhclient script from dhcp to dhclient subpackage (#586999).
Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-18
Add domain-search to the list of default requested DHCP options (#586906)
Wed Apr 21 2010 Jiri Popelka <jpopelka at redhat.com>
If the Reply was received in response to Renew or Rebind message, client adds any new addresses in the IA option to the IA (#578097)
Mon Apr 19 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-16
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2010-17303.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(50682);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2010-3611");
script_bugtraq_id(44615);
script_xref(name:"FEDORA", value:"2010-17303");
script_name(english:"Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-27.P1
- Fix for CVE-2010-3611 (#649880)
- Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-26.P1
- Server was ignoring client's Solicit (where client
included address/prefix as a preference) (#634842)
- Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-25.P1
- Hardening dhcpd/dhcrelay/dhclient by making them PIE &
RELRO
- Fri Aug 20 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-24.P1
- Add DHCRELAYARGS variable to /etc/sysconfig/dhcrelay
- Tue Jun 29 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-23.P1
- Fix parsing of date (#514828)
- Thu Jun 3 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-22.P1
- 4.1.1-P1 (pair of bug fixes including one for a
security related bug).
- Fix for CVE-2010-2156 (#601405)
- Compile with -fno-strict-aliasing
- N-V-R (copied from bind.spec):
Name-Version-Release.Patch.dist
- Mon May 3 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-21
- Fix the initialization-delay.patch (#587070)
- Thu Apr 29 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-20
- Cut down the 0-4 second delay before sending first
DHCPDISCOVER (#587070)
- Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-19
- Move /etc/NetworkManager/dispatcher.d/10-dhclient
script from dhcp to dhclient subpackage (#586999).
- Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-18
- Add domain-search to the list of default requested
DHCP options (#586906)
- Wed Apr 21 2010 Jiri Popelka <jpopelka at redhat.com>
- 12:4.1.1-17
- If the Reply was received in response to Renew or
Rebind message, client adds any new addresses in the
IA option to the IA (#578097)
- Mon Apr 19 2010 Jiri Popelka <jpopelka at redhat.com> -
12:4.1.1-16
- Fill in Elapsed Time Option in Release/Decline
messages (#582939)
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=649877"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?05939a43"
);
script_set_attribute(attribute:"solution", value:"Update the affected dhcp package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:dhcp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13");
script_set_attribute(attribute:"patch_publication_date", value:"2010/11/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC13", reference:"dhcp-4.1.1-27.P1.fc13")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dhcp");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | dhcp | p-cpe:/a:fedoraproject:fedora:dhcp |
fedoraproject | fedora | 13 | cpe:/o:fedoraproject:fedora:13 |