New DHCP releases: 2.0pl3 and 3.0b1pl17

Ted Lemon Ted.Lemon at nominum.com
Thu Jul 20 05:38:44 UTC 2000


  *** From dhcp-announce -- To unsubscribe, see the end of this message. ***


These releases fix a lingering security problem that was partially
fixed in 2.0pl2 and 3.0b1pl14 that made it possible for a rogue DHCP
server to provide information to the DHCP client that would cause it
to execute arbitrary commands as root.   This fix is similar to a fix
implemented by the OpenBSD folks.

IF YOU ARE RUNNING VERSIONS OF THE ISC DHCP CLIENT PRIOR to 2.0pl2 or
3.0b1pl17, PLEASE UPGRADE ASAP.

This patch is NOT necessary for ISC DHCP server users - only for users
of the ISC DHCP client.

Users of the ISC DHCP client from the head of the anoncvs tree prior
to July 20 at 5:36 AM, UTC, should also upgrade.

Both versions of the ISC DHCP Distribution are available at
ftp://ftp.isc.org/isc/dhcp.

			       _MelloN_

-----------------------------------------------------------------------
To unsubscribe from this list, visit http://www.isc.org/dhcp-lists.html
or send mail to dhcp-announce-request at isc.org with the subject line of
'unsubscribe'.
-----------------------------------------------------------------------


More information about the dhcp-announce mailing list