From 25d2dbf7201787ca965887dd84c4630fcc2a1b00 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Thu, 4 Nov 2010 20:10:20 +0100 Subject: [PATCH] Fix for CVE-2010-3611 (#649880) --- .gitignore | 2 +- dhcp.spec | 19 +++++++++++++------ sources | 2 +- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index d904b0b..904589f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -dhcp-4.2.0.tar.gz +/dhcp-4.2.0-P1.tar.gz diff --git a/dhcp.spec b/dhcp.spec index 2df26b4..87bbb87 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -4,10 +4,15 @@ # Where dhcp configuration files are stored %global dhcpconfdir %{_sysconfdir}/dhcp +# Patch version +%global patchver P1 + +%global VERSION %{version}-%{patchver} + Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.2.0 -Release: 15%{?dist} +Release: 16.%{patchver}%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -16,7 +21,7 @@ Epoch: 12 License: ISC Group: System Environment/Daemons URL: http://isc.org/products/DHCP/ -Source0: ftp://ftp.isc.org/isc/dhcp/dhcp-%{version}.tar.gz +Source0: ftp://ftp.isc.org/isc/dhcp/dhcp-%{VERSION}.tar.gz Source1: dhcpd.init Source2: dhcpd6.init Source3: dhcrelay.init @@ -124,15 +129,14 @@ Summary: Development headers and libraries for interfacing to the DHCP server Group: Development/Libraries Obsoletes: libdhcp4client-devel <= 12:4.0.0-34.fc10 Obsoletes: libdhcp-devel <= 1.99.8-1 -Provides: %{name}-static = %{epoch}:%{version}-%{release} -Requires: %{name}-libs = %{epoch}:%{version}-%{release} +Requires: %{name}-libs = %{epoch}:%{VERSION}-%{release} %description devel Header files and API documentation for using the ISC DHCP libraries. The libdhcpctl and libomapi static libraries are also included in this package. %prep -%setup -q +%setup -q -n dhcp-%{VERSION} # Remove bundled BIND source rm bind/bind.tar.gz @@ -301,7 +305,7 @@ popd %{__perl_requires} \ | %{__grep} -v 'perl(' EOF -%global __perl_requires %{_builddir}/dhcp-%{version}/dhcp-req +%global __perl_requires %{_builddir}/dhcp-%{VERSION}/dhcp-req %{__chmod} +x %{__perl_requires} # Replace @PRODUCTNAME@ @@ -571,6 +575,9 @@ fi %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz %changelog +* Thu Nov 04 2010 Jiri Popelka - 12:4.2.0-16.P1 +- 4.2.0-P1: fix for CVE-2010-3611 (#649880) + * Wed Oct 20 2010 Adam Tkac - 12:4.2.0-15 - build dhcp's libraries as shared libs instead of static libs diff --git a/sources b/sources index 98008bc..caf1eb6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -83abd7c4f9c24d8dd024ca5a71380c0a dhcp-4.2.0.tar.gz +1c268a2368b2565252b5f9d7255d3c72 dhcp-4.2.0-P1.tar.gz