openSUSE Security Update : dhcp (openSUSE-2016-887)
High Nessus Plugin ID 92506
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for dhcp fixes the following issues :
Security issue fixed :
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
Non security issues fixed :
- Rename freeaddrinfo(), getaddrinfo() and getnameinfo() in the internal libirs library that does not consider /etc/hosts and /etc/nsswitch.conf to use irs_ prefix.
This prevents name conflicts which would result in overriding standard glibc functions used by libldap.
This update was imported from the SUSE:SLE-12-SP1:Update update project.
SolutionUpdate the affected dhcp packages.