The remote host is missing an update to dhcp announced via advisory FEDORA-2009-9075.

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update dhcp' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9075

Update Information: Do not require policycoreutils when installing dhcp or dhclient packages. If you have the package installed, the /sbin/restorecon program will be used by dhclient-script and the dhcpd init script. This update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892. Note: CVE-2009-0692 had no security consequences on Fedora, thanks to the use of FORTIFY_SOURCE ChangeLog: * Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-4 - Do not require policycoreutils for dhclient subpackage, fix restorecon calls in postinstall scriptlets (#519479) * Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-3 - Do not require policycoreutils for post scriptlet (#519479) * Thu Aug 6 2009 David Cantrell - 12:4.1.0p1-2 - Add /usr/lib[64]/pm-utils/sleep.d/56dhclient to handle suspend and resume with active dhclient leases (#479639) * Wed Aug 5 2009 David Cantrell - 12:4.1.0p1-1 - Upgrade to dhcp-4.1.0p1, which is the official upstream release to fix CVE-2009-0692 * Wed Aug 5 2009 David Cantrell - 12:4.1.0-25 - Fix for CVE-2009-0692 - Fix for CVE-2009-1892 (#511834) - Disable patch for #514828 since that fix is still in updates-testing * Tue Aug 4 2009 David Cantrell - 12:4.1.0-24 - Correct lease file format written by dhclient (#514828)

• https://bugzilla.redhat.com/show_bug.cgi?id=511834
• https://bugzilla.redhat.com/show_bug.cgi?id=519479

---

Updated on 2015-03-25