isc-dhcp (4.3.3-5ubuntu12.9) xenial-security; urgency=medium * SECURITY UPDATE: DoS via concurrent TCP sessions - debian/patches/CVE-2016-2774.patch: limit number of connections in includes/site.h, omapip/listener.c. - CVE-2016-2774 * SECURITY UPDATE: DoS via omapi - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in omapip/buffer.c, omapip/message.c. - CVE-2017-3144 * SECURITY UPDATE: buffer overflow in dhclient - debian/patches/CVE-2018-573x.patch: check option data size in common/options.c, add tests to common/tests/Makefile.am, common/tests/option_unittest.c. - CVE-2018-5732 * SECURITY UPDATE: reference counter overflow in dhcpd - debian/patches/CVE-2018-573x.patch: avoid overflow in common/options.c. - CVE-2018-5733 * This package does _not_ contain the changes from 4.3.3-5ubuntu12.8 in xenial-proposed. -- Marc Deslauriers Thu, 01 Mar 2018 08:20:48 -0500 isc-dhcp (4.3.3-5ubuntu12.7) xenial; urgency=medium * debian/control : Add "Replaces:" option for package isc-dhcp-client to allow the packaging system to remove "isc-dhcp-client-noddns" on systems on which it is installed and replace it by "isc-dhcp-client" during a release upgrade from Trusty to Xenial. (LP: #1176046) -- Eric Desrochers Wed, 01 Feb 2017 08:36:18 -0500 isc-dhcp (4.3.3-5ubuntu12.6) xenial; urgency=medium * debian/initramfs/lib/etc/dhcp/dhclient-enter-hooks.d/config: clean up script to remove IPv4 bits that would never be called; since for this SRU we only do IPv6. (LP: #1621507) -- Mathieu Trudel-Lapierre Thu, 08 Dec 2016 17:43:34 +0100 isc-dhcp (4.3.3-5ubuntu12.5) xenial; urgency=medium * debian/initramfs/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix script to not write to /run/net-$iface.conf when dealing with IPv6; which should only write to a /run/net6-$iface.conf file. (LP: #1621507) * debian/README.Debian: document what this config script is and why a hook is shipped for the initramfs. -- Mathieu Trudel-Lapierre Fri, 04 Nov 2016 10:57:07 -0600 isc-dhcp (4.3.3-5ubuntu12.4) xenial; urgency=medium * ipv6: wait for duplicate address detection to finish (LP: #1633479). -- Scott Moser Mon, 31 Oct 2016 14:32:14 -0400 isc-dhcp (4.3.3-5ubuntu12.3) xenial; urgency=medium [ Mathieu Trudel-Lapierre ] * debian/isc-dhcp-client.install: install new files for initramfs-tools to their proper locations; from debian/initramfs-tools. (LP: #1621507) -- LaMont Jones Fri, 23 Sep 2016 15:09:46 -0600 isc-dhcp (4.3.3-5ubuntu12.2) xenial; urgency=medium * Don't assume IPv6 prefix length of 64 (LP: #1609898). Pulled from debian commit c347ab8a43587164486ce1f104eedfd638594e59. -- Dan Streetman Thu, 04 Aug 2016 13:07:23 -0400 isc-dhcp (4.3.3-5ubuntu12.1) xenial; urgency=medium * Fixed missing broadcast flag for Infiniband interfaces (LP: #1529815) - added: + d/p/dhcp-4.2.4-dhclient-options-changed.patch -- Rafael David Tinoco (Inaddy) Wed, 08 Jun 2016 10:51:06 +0200 isc-dhcp (4.3.3-5ubuntu12) xenial; urgency=medium * debian/apparmor/sbin.dhclient: Add the attach_disconnected flag to prevent disconnected path denials as seen with the new 1.1.93 based network-manager (LP: #1568485) -- Tyler Hicks Wed, 13 Apr 2016 10:02:12 -0500 isc-dhcp (4.3.3-5ubuntu11) xenial; urgency=medium * No change upload for rebuild -- LaMont Jones Fri, 18 Mar 2016 10:36:57 -0600 # For older changelog entries, run 'apt-get changelog isc-dhcp-client'