Debian Security Advisory

DLA-385-1 isc-dhcp -- LTS security update

Date Reported:

14 Jan 2016

Affected Packages:

isc-dhcp

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2015-8605.

More information:

It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups are affected.

We recommend that you upgrade your isc-dhcp packages to version 4.1.1-P1-15+squeeze9 (Debian squeeze LTS).