Fix for CVE-2018-1111

2018-05-15 09:35:58 +02:00 · 2018-05-15 09:35:58 +02:00 · 16546798c5
commit 16546798c5
parent 6ed5c121b1
2 changed files with 5 additions and 2 deletions
--- a/2
+++ b/2
@ -7,7 +7,7 @@ ETCDIR=/etc/dhcp
 interface=$1

 eval "$(
-declare | LC_ALL=C grep '^DHCP4_[A-Z_]*=' | while read opt; do
+declare | LC_ALL=C grep '^DHCP4_[A-Z_]*=' | while read -r opt; do
    optname=${opt%%=*}
    optname=${optname,,}
    optname=new_${optname#dhcp4_}
--- a/dhcp.spec
+++ b/dhcp.spec
@ -16,7 +16,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  4.3.6
-Release:  20%{?dist}
+Release:  21%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@ -677,6 +677,9 @@ done
 %endif

 %changelog
+* Tue May 15 2018 Pavel Zhukov <pzhukov@redhat.com> - 12:4.3.6-21
+- Fix for CVE-2018-1111
+
 * Fri Apr  6 2018 Pavel Zhukov <pzhukov@redhat.com> - 12:4.3.6-20
 - Discover hwaddr for all interfaces for xid uniqueness