New security vulnerability announcement (CVE-2021-25217) and releases of ISC DHCP (4.4.2-P1 and 4.1-ESV-R16-P1)

Michael McNally mcnally at
Wed May 26 21:30:38 UTC 2021

Hello dhcp-users subscribers -

It has been a long time since we last announced a security vulnerability
in ISC DHCP or since we published new releases of the software.

Our practice is to announce such events on the dhcp-announce list and
operate this list to host community discussion, but because of the length
of time since the last such announcements we believe it's quite conceivable
that there are subscribers here who are not subscribed to the announcement
list as well.

If you are such a person, we encourage you to subscribe to dhcp-announce
(it's VERY low traffic, the most recent messages before today were sent
in January 2020) but it is where we make important announcements about
the products.

Subscription can be accomplished via the list's main page:

and if you missed today's messages you can find them in the list archives:

CVE-2021-25217 announcement:

DHCP 4.4.2-P1 and 4.1-ESV-R16-P1 release announcement:


Michael McNally
Internet Systems Consortium

More information about the dhcp-users mailing list