Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
base: bd6ba87381ef
Choose a base ref
...
head repository: NixOS/nixpkgs
compare: d53420e3302f
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Aug 29, 2019

  1. kea: 1.5.0 -> 1.5.0-P1 (security) 

    Fixes:

* CVE-2019-6472 affects the Kea DHCPv6 server, which can exit
  with an assertion failure if the DHCPv6 server process receives
  a request containing DUID value which is too large.
  (https://kb.isc.org/docs/cve-2019-6474)

* CVE-2019-6473 affects the Kea DHCPv4 server, which can exit with
  an assertion failure if it receives a packed containing a malformed
  option.  (https://kb.isc.org/docs/cve-2019-6473)

* CVE-2019-6474 can cause a condition where the server cannot be
  restarted without manual operator intervention to correct a problem
  that can be deliberately introduced into the stored leases.
  CVE-2019-6474 can only affect servers which are using memfile
  for lease storage.  (https://kb.isc.org/docs/cve-2019-6474)

Annoucement: https://www.openwall.com/lists/oss-security/2019/08/29/1
(cherry picked from commit e6e3270)
    @andir
    andir committed Aug 29, 2019
    Copy the full SHA
    09a5674 View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2019

  1. Merge pull request #67674 from andir/19.03/kea 

    [19.03] kea: 1.5.0 -> 1.5.0-P1 (security)
    @mmahut
    mmahut committed Aug 30, 2019
    Copy the full SHA
    d53420e View commit details
    Browse the repository at this point in the history