This update for kea fixes the following issues:
Update to release 2.6.5:
- A large number of bracket pairs in a JSON payload directed to
any endpoint would result in a stack overflow, due to recursive
calls when parsing the JSON. This has been fixed.
(CVE-2026-3608)
[bsc#1260380]
- A null dereference is now no longer possible when configuring
the Control Agent with a socket that lacks the mandatory
socket-name entry.
- UNIX sockets are now created as group-writable.
- Corrected an issue in logging configuration when parsing
'syslog:'
- Earlier Kea versions could crash when handling misconfigured
global reservations. This has been fixed.
- Support for recent versions of Sphinx has been added.