rpms/dhcp
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Ensure only compatible bind-export-libs is accepted

Browse Source 
bind-export-libs has changed ABI because last CVE fixes. To make it more
discoverable ensure dhcp parts require compatible rebuild together. They
have to refuse to upgrade without matching bind, because otherwise
builds may crashing at strange places.

; Related: CVE-2023-50387 CVE-2023-50868
Related: RHEL-25681 RHEL-25649
This commit is contained in:
Petr Menšík 2024-04-15 23:28:49 +02:00
parent 5900a84410
commit 33f4b8e911
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dhcp.spec
View File

@ -12,6 +12,9 @@
#global patchver P1 #global patchver P1
%global DHCPVERSION %{version}%{?prever}%{?patchver:-%{patchver}} %global DHCPVERSION %{version}%{?prever}%{?patchver:-%{patchver}}
# bind has changed ABI with CVE-2023-50387 fixes. Require compatible build
%global BIND_MINVER 9.11.36-14
Summary: Dynamic host configuration protocol software Summary: Dynamic host configuration protocol software
Name: dhcp Name: dhcp
@ -97,7 +100,7 @@ BuildRequires: openldap-devel
BuildRequires: krb5-devel BuildRequires: krb5-devel
BuildRequires: libcap-ng-devel BuildRequires: libcap-ng-devel
# https://fedorahosted.org/fpc/ticket/502#comment:3 # https://fedorahosted.org/fpc/ticket/502#comment:3
BuildRequires: bind-export-devel >= 9.11.11 BuildRequires: bind-export-devel >= %{BIND_MINVER}
BuildRequires: systemd systemd-devel BuildRequires: systemd systemd-devel
# dhcp-sd_notify.patch # dhcp-sd_notify.patch
BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(libsystemd)
@ -122,6 +125,7 @@ DHCP (Dynamic Host Configuration Protocol)
Summary: Provides the ISC DHCP server Summary: Provides the ISC DHCP server
Requires: %{name}-common = %{epoch}:%{version}-%{release} Requires: %{name}-common = %{epoch}:%{version}-%{release}
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
Requires: bind-export-libs >= %{BIND_MINVER}
Requires(pre): shadow-utils Requires(pre): shadow-utils
Requires(post): coreutils grep sed Requires(post): coreutils grep sed
Requires(post): systemd Requires(post): systemd
@ -141,6 +145,7 @@ This package provides the ISC DHCP server.
Summary: Provides the ISC DHCP relay agent Summary: Provides the ISC DHCP relay agent
Requires: %{name}-common = %{epoch}:%{version}-%{release} Requires: %{name}-common = %{epoch}:%{version}-%{release}
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
Requires: bind-export-libs >= %{BIND_MINVER}
Requires(post): grep sed Requires(post): grep sed
Requires(post): systemd Requires(post): systemd
Requires(preun): systemd Requires(preun): systemd
@ -163,6 +168,7 @@ Obsoletes: dhclient < %{epoch}:%{version}-%{release}
Requires: coreutils gawk grep ipcalc iproute iputils sed systemd Requires: coreutils gawk grep ipcalc iproute iputils sed systemd
Requires: %{name}-common = %{epoch}:%{version}-%{release} Requires: %{name}-common = %{epoch}:%{version}-%{release}
Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
Requires: bind-export-libs >= %{BIND_MINVER}
%description client %description client
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows DHCP (Dynamic Host Configuration Protocol) is a protocol which allows