ELA-192-1 isc-dhcp security update

issues with OMAPI network connections

2019-11-23
Packageisc-dhcp
Version4.2.2.dfsg.1-5+deb70u10
Related CVEs CVE-2016-2774 CVE-2017-3144


Two issues have been found in isc-dhcp, a server for automatic IP address assignment.

CVE-2016-2774 The number of simultaneous open TCP connections to OMAPI port of the server has to be limited in order to avoid a denial of service.

CVE-2017-3144 A failure to properly clean up OMAPI connections might result in an exhaustion of socket descriptors and thus lead to a denial of service.



For Debian 7 Wheezy, these problems have been fixed in version 4.2.2.dfsg.1-5+deb70u10.

We recommend that you upgrade your isc-dhcp packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.