Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 15 |
1 files changed, 8 insertions, 7 deletions
@@ -8,8 +8,9 @@ NEW FEATURES Version 4.1-ESV-R16-P1 is a security release of an extended support version -(ESV) release. ESVs are intended for users who have longer upgrade -constraints. Please see our web page: +(ESV) fixing possible buffer overwrite error in client and server +while parsing haxadecimal literals in lease file. ESVs are intended for +users who have longer upgrade constraints. Please see our web page: http://www.isc.org/downloads/software-support-policy/ @@ -75,11 +76,11 @@ Email Vicky Risk, Product Manager at vicky@isc.org or discuss on dhcp-users@lists.isc.org. Changes since 4.1-ESV-R16 - -- Corrected a buffer overwrite possible when parsing hexadecimal - literals with more than 1024 octets. - [Gitlab #182] - CVE: CVE-2021-25217 + ! Corrected a buffer overwrite possible when parsing hexadecimal + literals with more than 1024 octets. Reported by Jon Franklin from Dell, + and also by Pawel Wieczorkiewicz from Amazon Web Services. + [Gitlab #182] + CVE: CVE-2021-25217 Changes since 4.1-ESV-R16b1 |
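Review bot: In the first hunk (@@ -8,8 +8,9), the added sentence misspells "hexadecimal" as "haxadecimal" and drops its articles. Suggested wording: "(ESV) fixing a possible buffer overwrite error in the client and server while parsing hexadecimal literals in a lease file." The spelling matters here because readers searching the release notes for the wording used in the changelog entry below ("hexadecimal literals") will not find this paragraph.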
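Review bot: In the second hunk (@@ -75,11 +76,11), the entry marker changes from "-" to "!" and nothing in the visible lines says what "!" denotes; if RELNOTES carries no legend for it, add one or state in the entry that this is a security fix. The entry also leaves out what the header paragraph in the first hunk now says, that the overwrite occurs while parsing the lease file and affects both client and server. Repeating that in the entry would let it stand alone next to CVE-2021-25217 for readers who only scan the "Changes since 4.1-ESV-R16" list.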