ISC DHCP 4.1-ESV and 4.1.2-P1 are now available for download

Larissa Shapiro larissas at isc.org
Wed Jan 26 20:30:52 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ISC DHCP 4.1-ESV and 4.1.2-P1 are now available for download.

These are security patch releases of ISC DHCP 4.1.2 and 4.1-ESV. The
security advisory is included below.

A list of the changes in this release has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:

    http://www.isc.org/software/dhcp

This release, and its OpenPGP-signatures are available now from:

ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1.tar.gz.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1.tar.gz.sha1.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1.2-P1.tar.gz.sha512.asc

ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R1.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R1.tar.gz.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R1.tar.gz.sha1.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R1.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.1-ESV-R1.tar.gz.sha512.asc

ISC's Release Signing Key can be obtained at:

    http://www.isc.org/about/openpgp/
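The check a practitioner should run before building either tarball, as an added example that is not ISC's own tooling: verify the detached OpenPGP signature on the tarball, verify the clearsign on the .sha256.asc file, then compare the published digest with a locally computed one. It assumes gpg is installed, that the Release Signing Key from the URL above has already been imported into the local keyring, and that the files sit in the current directory under the names listed above; the digest-extraction rule (first 64-hex-digit token in the checksum file) is an assumption that covers both "<hex>  <file>" and OpenSSL's "SHA256(<file>)= <hex>" layouts.

```shell
#!/bin/sh
# Added example (not ISC's tooling): verify an ISC DHCP release tarball against
# its detached OpenPGP signature and its clearsigned SHA-256 checksum file.
# Assumptions: gpg is installed, ISC's Release Signing Key is already imported,
# and the files follow the ftp://ftp.isc.org/isc/dhcp/ naming quoted above.

# Print the SHA-256 of a file as lower-case hex (coreutils, with a BSD fallback).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        h=$(sha256sum "$1")
    else
        h=$(shasum -a 256 "$1")
    fi
    printf '%s\n' "$h" | awk '{print tolower($1)}'
}

# Extract the published digest from a checksum file. Assumption: the digest is
# the only 64-hex-digit run in the file, whether the line reads
# "<hex>  <file>" or "SHA256(<file>)= <hex>"; the clearsign armor has no such run.
expected_sha256() {
    grep -oE '[0-9a-fA-F]{64}' "$1" | head -n 1 | tr 'A-F' 'a-f'
}

# Compare the computed digest with the published one; returns 0 on match.
check_sha256() {
    tarball=$1
    sumfile=$2
    want=$(expected_sha256 "$sumfile")
    [ -n "$want" ] || { echo "no digest found in $sumfile" >&2; return 1; }
    got=$(sha256_of "$tarball")
    if [ "$got" = "$want" ]; then
        echo "sha256 OK: $tarball"
        return 0
    fi
    echo "sha256 MISMATCH for $tarball: got $got, want $want" >&2
    return 1
}

# Full check for one release: detached signature on the tarball, clearsign on
# the checksum file, then the digest itself. The first failure aborts.
verify_release() {
    tarball=$1                                  # e.g. dhcp-4.1.2-P1.tar.gz
    gpg --verify "$tarball.asc" "$tarball" || return 1
    gpg --verify "$tarball.sha256.asc" || return 1
    check_sha256 "$tarball" "$tarball.sha256.asc"
}

# Usage, after importing the Release Signing Key:
#   for f in dhcp-4.1.2-P1.tar.gz dhcp-4.1-ESV-R1.tar.gz; do
#       verify_release "$f" || exit 1
#   done
```

The signature check on the tarball is the one that matters; the checksum file is only trustworthy because it is itself clearsigned with the same key, so a bare `sha256sum -c` against an unsigned digest proves nothing about the mirror you fetched from.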


		Changes since 4.1.2 and 4.1-ESV


! When processing a request in the DHCPv6 server code that specifies
  an address that is tagged as abandoned (meaning we received a
  decline request for it previously), don't attempt to move it from
  the inactive to the active pool, as doing so can result in the server
  crashing on an assert failure.  Also retag the lease as active
  and reset its timeout value.
  [ISC-Bugs #21921]

	Internet Systems Consortium Security Advisory
    DHCP May Crash After Processing a DHCPv6 Decline Message
			26 January 2011

Title: DHCP May Crash After Processing a DHCPv6 Decline Message

CVE-2011-0413

VU#686084

CVSS: 6.1
Vector Equation: (AV:A/AC:L/Au:N/C:N/I:N/A:C)

For more information on CVSS scores, visit
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2

Posting date: 2011-01-26

Program Impacted: DHCP

Versions affected: 4.0.x-4.2.x

Severity: moderate

Exploitable: remotely

Description and Impact:

When the DHCPv6 server code processes a message for an address that was
previously declined and internally tagged as abandoned it can trigger an
assert failure resulting in the server crashing. This could be used to
crash DHCPv6 servers remotely. This issue only affects DHCPv6 servers.
DHCPv4 servers are unaffected.

Workarounds: No direct workaround.

Exposure to the vulnerability can be limited by reviewing the packet
filters in front of the DHCP server and the hosts allowed to reach it.
It is highly recommended to restrict access to those devices which
require DHCP service, management access, and systems monitoring.

Active exploits: None known.

Solution: Upgrade to 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1.

Questions regarding this advisory or ISC's Support services should be
sent to dhcp-bugs at isc.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNQIR6AAoJEBOIp87tasiUrz8H/3dw4SlrbPjkKo/UgdeGJD3q
x5Q0IiNM18SPFIhtXE1rJRyvq0FWZzbuEexPVyLMAoQYPqenoB3qBAaAUSFcvsH0
l9wiUTHoVR2+IUK8/NRaQftKfD/Vq541G+xxwoviOJj8JvnjdMPCdPPviPqwQcPP
gTUisLDHTw6K2CvNAVHNTRr6y8PoFIF1IDINA0XwtDOShefwhPEqpYVfTLoHxZ2V
c5NDqygG/lGFG9rn9GH7bFtE/3ptzbZx7p0nOeOBjm48Isx7ta7638ItTfeJuIhJ
CSI/j1xW95aBXEE8sWIkoxl7zYIF+E5Lh/+vA7v8W/GHbgz7X8OAY1OPRun9Mw4=
=84ut
-----END PGP SIGNATURE-----
