==========================================================================
Ubuntu Security Notice USN-2868-1
January 13, 2016
isc-dhcp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.10
– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
DHCP server, client, or relay could be made to crash if they received
specially crafted network traffic.
Software Description:
– isc-dhcp: DHCP server and client
Details:
Sebastian Poehn discovered that the DHCP server, client, and relay
incorrectly handled certain malformed UDP packets. A remote attacker could
use this issue to cause the DHCP server, client, or relay to stop
responding, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
isc-dhcp-client 4.3.1-5ubuntu3.1
isc-dhcp-relay 4.3.1-5ubuntu3.1
isc-dhcp-server 4.3.1-5ubuntu3.1
isc-dhcp-server-ldap 4.3.1-5ubuntu3.1
Ubuntu 15.04:
isc-dhcp-client 4.3.1-5ubuntu2.3
isc-dhcp-relay 4.3.1-5ubuntu2.3
isc-dhcp-server 4.3.1-5ubuntu2.3
isc-dhcp-server-ldap 4.3.1-5ubuntu2.3
Ubuntu 14.04 LTS:
isc-dhcp-client 4.2.4-7ubuntu12.4
isc-dhcp-relay 4.2.4-7ubuntu12.4
isc-dhcp-server 4.2.4-7ubuntu12.4
isc-dhcp-server-ldap 4.2.4-7ubuntu12.4
Ubuntu 12.04 LTS:
isc-dhcp-client 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-relay 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-server 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-server-ldap 4.1.ESV-R4-0ubuntu5.10
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2868-1
CVE-2015-8605
Package Information:
https://launchpad.net/ubuntu/+source/isc-dhcp/4.3.1-5ubuntu3.1
https://launchpad.net/ubuntu/+source/isc-dhcp/4.3.1-5ubuntu2.3
https://launchpad.net/ubuntu/+source/isc-dhcp/4.2.4-7ubuntu12.4
https://launchpad.net/ubuntu/+source/isc-dhcp/4.1.ESV-R4-0ubuntu5.10
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJWlk7YAAoJEGVp2FWnRL6TubcP/0lBRH//IhvY773Vw9ygXmpB
GyaYzrZFH0AiGi6LQaNYrDhKdIQqk8wgiU/6zq83LV3fXe4UN2SJWB+HIJ9M097i
FqZVo+rgSVhvfe13ovYunozsmrrnsqBgUqDmix3zGaXYa3uPBsFuPy1r8MSei2j/
TZncANK7Ja/Wu0s81426JpmpwCAyHEs1v2V/WUBehEgVfRO1oZU2BBxtLwpJsmvt
936azhHSN14lR+UgKDj2nY8kk1jlXKJLs89brS9/O1jNGIE6kWLchTYINIFtMPcM
DL+2n3d/m6MGVRn9l2lahW1+o/0NGmLD7oPYx1FQao0R3SG9FG57ic4m8b4z1aYA
3SN5czP/BBe7d+Y4AjZj/8HwmzuPqnFr0LZbne2LkAW8z6aoWXXNd1rYbj9iGxz5
cxY9Ulq15LrIYVWiXzvI0rzEqNnOw6yJU/17E030n8F+SfrYGoOAyVWkX/cypoFS
FRI16Vhunk/V84NM481utpnpIL7Zb8ZpECGZDeTHmOuHAt6ZUsucfnn3+P8BIVmR
pfmVUspvAg6VhCmPh7NjlniTdJbYexz6ZYBsLzNHu7u1msM4uT9asY7bb39S2daA
RzVvAsg4Flr7ch/fqY/WMUU6oa1l9Fn6EBKNGrim5oHMxcZ+JNtRwvdMKIj7FAPE
2uLJEc9podBzozTjjRq7
=ozML
—–END PGP SIGNATURE—–
—