OBSOLETE Patch-ID# 148309-05
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security buffer overflow crafted dhcp
Synopsis: Obsoleted by: 148309-06 SunOS 5.10: dhcp patch
Date: Aug/15/2014
Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 10
SunOS Release: 5.10
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 148310
Topic: SunOS 5.10: dhcp patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version: 17624647
Patches accumulated and obsoleted by this patch: 138876-03
Patches which conflict with this patch:
Patches required with this patch: 120011-14 141444-09 (or greater)
Obsoleted by:
Files included with this patch:
/lib/libdhcputil.so.1
/usr/lib/inet/in.dhcpd
Problem Description:
17624647 in.dhcpd spits SENDTO error while it's being restarted
(from 148309-04)
16807129 in.dhcpd assigns address a second time while lease is still valid
17003748 misleading uses of htonl() in dhcp.c
(from 148309-03)
7144324 in.dhcpd SEGV during termination
7157446 in.dhcpd SEGV at startup
(from 148309-02)
6764655 array overrun in dhcp_inittab.c
7111670 uninitialized variable in dsrvr_socktype
7116566 remove ITAB_CAT_COUNT in dhcp_inittab.h
(from 148309-01)
This revision accumulates generic Sustaining patch 138876-03
into Solaris S10U11 update.
(from 138876-03)
7080119 DHCPNAK larger than the minimum size for a DHCP response, the CD_END is not included
(from 138876-02)
6370597 in.dhcpd core dumps: double free on a DHCP network container record
6959836 DHCP server should set file limit even in debug mode
6963971 dhcpd needs to be hardened against the 32-bit fopen/255 problem
(from 138876-01)
6573010 DHCP server fails to lock newly created client record
6619398 [CVE-2007-5365] potential buffer overflow due to crafted requests
6713805 DHCP server should not care about the number of offers
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: Reboot the system after patch installation.
This patch may be activated without a reboot by restarting the
DHCP server manually when convenient.
Example 1. Restarting DHCP service (in.dhcpd) after installing
this patch:
svcadm restart svc:/network/dhcp-server:default
README -- Last modified date: Wednesday, May 13, 2015