[CentOS] CVE-2019-6470 - dhcpd6 bug in CentOS 8 not being fixed?

Steinar Skjelanger

steinar at skjelanger.com
Sun Oct 13 20:26:21 UTC 2019


The CVE-2019-6470 bug in isc-dhcp for ipv6 causing the server to crash on a
regular basis is marked as "will not fix" for RHEL 8 on Red Hat's web site
[1]. It's already got a fix for RHEL/CentOS 7, and other distros (like
Ubuntu and Fedora) have released fixes.

Is anyone familiar with the issue, or know about a (reasonable) workaround?
Or why Red Hat doesn't want to fix it?

I tried to contact Red Hat support to get their reasoning, but as we only
have self-support subscriptions with them, they were not particulary
interested in talking to me.

[1] https://access.redhat.com/security/cve/cve-2019-6470

-- 
Regards,

Steinar Skjelanger


More information about the CentOS mailing list