import CS dhcp-4.4.2-19.b1.el9

2023-09-21 18:18:03 +00:00 · 2023-09-21 18:18:03 +00:00 · 84ed047020
parent 7b8f8cf5eb
commit 84ed047020
2 changed files with 20 additions and 1 deletions
--- a/SOURCES/dont-drop-bounds-twice.patch
+++ b/SOURCES/dont-drop-bounds-twice.patch
@ -0,0 +1,15 @@
+diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
+index c4ee5ba..1c6531a 100644
+--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
+@@ -843,8 +843,8 @@ main(int argc, char **argv) {
+ #ifdef HAVE_LIBCAP_NG
+ 	/* Drop all capabilities */
+ 	if (!keep_capabilities) {
+-		capng_clear(CAPNG_SELECT_BOTH);
+-		capng_apply(CAPNG_SELECT_BOTH);
+		capng_clear(CAPNG_SELECT_CAPS);
+		capng_apply(CAPNG_SELECT_CAPS);
+ 		log_info ("Dropped all capabilities.");
+ 	}
+ #endif
--- a/SPECS/dhcp.spec
+++ b/SPECS/dhcp.spec
@ -15,7 +15,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  4.4.2
-Release:  18.b1%{?dist}
+Release:  19.b1%{?dist}

 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
@ -67,6 +67,7 @@ Patch30: CVE-2021-25220.patch
 Patch31: omshell-hmac-sha512-support.patch
 Patch32: CVE-2022-2928.patch
 Patch33: CVE-2022-2929.patch
+Patch34: dont-drop-bounds-twice.patch


 BuildRequires: autoconf
@ -508,6 +509,9 @@ done
 %endif

 %changelog
+* Wed Apr 12 2023 Martin Osvald <mosvald@redhat.com> - 12:4.4.2-19.b1
+- Do not drop bounding set twice (#2184965)
+
 * Mon Oct 10 2022 Martin Osvald <mosvald@redhat.com> - 12:4.4.2-18.b1
 - Fix for CVE-2022-2928
 - Fix for CVE-2022-2929