diff options
Diffstat (limited to 'RELNOTES')
| -rw-r--r-- | RELNOTES | 93 |
1 files changed, 90 insertions, 3 deletions
@@ -1,6 +1,6 @@ Internet Systems Consortium DHCP Distribution - Version 4.2.3-P1 - 29 Novemberr 2011 + Version 4.2.4b1 + 12 April 2012 Release Notes @@ -42,12 +42,99 @@ work on other platforms. Please report any problems and suggested fixes to Changes since 4.2.3 ! Add a check for a null pointer before calling the regexec function. - Without out this check we could, under some circumstances, pass + Without this check we could, under some circumstances, pass a null pointer to the regexec function causing it to segfault. Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]. CVE: CVE-2011-4539 +! Modify the DDNS handling code. In a previous patch we added logging + code to the DDNS handling. This code included a bug that caused it + to attempt to dereference a NULL pointer and eventually segfault. + While reviewing the code as we addressed this problem, we determined + that some of the updates to the lease structures would not work as + planned since the structures being updated were in the process of + being freed: these updates were removed. In addition we removed an + incorrect call to the DDNS removal function that could cause a failure + during the removal of DDNS information from the DNS server. + Thanks to Jasper Jongmans for reporting this issue. + [ISC-Bugs #27078] + CVE: CVE-2011-4868 + +- Fixed the code that checks if an address the server is planning + to hand out is in a reserved range. This would appear as + the server being out of addresses in pools with particular ranges. + [ISC-Bugs #26498] + +- In the DDNS code handle error conditions more gracefully and add more + logging code. The major change is to handle unexpected cancel events + from the DNS client code. + [ISC-Bugs #26287]. + +- Tidy up the receive calls and eliminate the need for found_pkt + [ISC-Bugs #25066] + +- Add support for Infiniband over sockets to the server and + relay code. We've tested this on Solaris and hope to expand + support for Infiniband in the future. This patch also corrects + some issues we found in the socket code. [ISC-Bugs #24245] + +- Add a compile time check for the presence of the noreturn attribute + and use it for log_fatal if it's available. This will help code + checking programs to eliminate false positives. + [ISC-Bugs #27539] + +- Fixed many compilation problems ("set, but not used" warnings) for + gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588] + +- Modify the code that determines if an outstanding DDNS request + should be cancelled. This patch results in cancelling the + outstanding request less often. It fixes the problem caused + by a client doing a release where the txt and ptr records + weren't removed from the DNS. + [ISC-BUGS #27858] + +- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet + and dhcpv6_packet in several more places. Thanks to a report from + Bruno Verstuyft and Vincent Demaertelaere of Excentis. + [ISC-Bugs #27941] + +- Remove outdated note in the bootp keyword about the option not satisfying + the requirement of failover peers for denying dynamic bootp clients. + [ISC-bugs #28574] + +- Multiple items to clean up IPv6 address processing. + When processing an IA that we've seen check to see if the + addresses are usable (not in use by somebody else) before + handing it out. + When reading in leases from the file discard expired addresses. + When picking an address for a client include the IA ID in + addition to the client ID to generally pick different addresses + for different IAs. + [ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586] + [ISC-Bugs #27684] + +- Remove unnecessary checks in the lease query code and clean up + several compiler issues (some dereferences of NULL and treating + an int as a boolean). + [ISC-Bugs #26203] + +- Fix the NA and PD allocation code to handle the case where a client + provides a preference and the server doesn't have any addresses or + prefixes available. Previoulsy the server ignored the request with + this patch it replies with a NoAddrsAvail or NoPrefixAvai respone. + By default the code performs according to the errata of August 2010 + for RFC 3315 section 17.2.2, to enable the previous style see the + seciton on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option + may be removed in the future. + Thanks to Jiri Popelka at Red Hat for the patch. + [ISC-Bugs #22676] + +- Fix up some issues found by static analysis + A potential memory leak and NULL dereference in omapi. + The use of a boolean test instead of a bitwise test in dst. + [ISC-Bugs #28941] + Changes since 4.2.2 - Fix the code that checks for an existing DDNS transaction to cancel |