SUSE-SU-2012:1327-1: moderate: Security update for dhcp

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Oct 10 15:08:26 MDT 2012 

   SUSE Security Update: Security update for dhcp
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:1327-1
Rating:             moderate
References:         #780167 
Cross-References:   CVE-2012-3955
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP2
                    SUSE Linux Enterprise Server 11 SP2 for VMware
                    SUSE Linux Enterprise Server 11 SP2
                    SUSE Linux Enterprise Desktop 11 SP2
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   This update to ISC dhcp-4.2.4-P2 release provides a
   security fix for an  issue with the use of lease times.
   Making certain changes to the end time  of an IPv6 lease
   could cause the server to abort. Thanks to Glen Eustace of
   Massey University, New Zealand for finding this issue.

   CVE-2012-3955 has been assigned to this issue.

   Security Issue reference:

   * CVE-2012-3955
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-dhcp-6831

   - SUSE Linux Enterprise Server 11 SP2 for VMware:

      zypper in -t patch slessp2-dhcp-6831

   - SUSE Linux Enterprise Server 11 SP2:

      zypper in -t patch slessp2-dhcp-6831

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-dhcp-6831

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P2]:

      dhcp-devel-4.2.4.P2-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 4.2.4.P2]:

      dhcp-4.2.4.P2-0.5.1
      dhcp-client-4.2.4.P2-0.5.1
      dhcp-relay-4.2.4.P2-0.5.1
      dhcp-server-4.2.4.P2-0.5.1

   - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P2]:

      dhcp-4.2.4.P2-0.5.1
      dhcp-client-4.2.4.P2-0.5.1
      dhcp-relay-4.2.4.P2-0.5.1
      dhcp-server-4.2.4.P2-0.5.1

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.2.4.P2]:

      dhcp-4.2.4.P2-0.5.1
      dhcp-client-4.2.4.P2-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2012-3955.html
   https://bugzilla.novell.com/780167
   http://download.novell.com/patch/finder/?keywords=7781f2ce06d447847fcd3a648a73d5e5

More information about the sle-security-updates mailing list