Date: Tue, 22 Dec 2015 22:31:05 +0100 From: ISC Security Officer <security-officer@....org> To: oss-security@...ts.openwall.com Cc: ISC Security Officer <security-officer@....org> Subject: New vulnerability in Kea DHCP servers (CVE-2015-8373) is now public Please be advised that ISC publicly announced a critical vulnerability in the Kea DHCP servers. The CVE-2015-8373 is a denial-of-service vector which can be exploited remotely against DHCPv4 and DHCPv6 servers by sending malformed packet. Please find the details in the security advisory. https://kb.isc.org/article/AA-01318 New releases of Kea, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/kea/0.9.2-P1/KeaReleaseNotes092P1.txt ftp://ftp.isc.org/isc/kea/1.0.0-beta2/KeaReleaseNotes100beta2.txt Marcin Siodelski (as ISC Security Officer) Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.