From a8ea4e71257a6744fc23457c2017543f2be55c40 Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Wed, 9 Jun 2021 05:20:59 -0400
Subject: [PATCH] import dhcp-4.3.6-44.el8_4.1
---
 SOURCES/dhcp-statement_parser.patch | 21 +++++++++++++++++++++
 SPECS/dhcp.spec | 9 ++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/dhcp-statement_parser.patch
diff --git a/SOURCES/dhcp-statement_parser.patch b/SOURCES/dhcp-statement_parser.patch
new file mode 100644
index 0000000..2bb474b
--- /dev/null
+++ b/SOURCES/dhcp-statement_parser.patch
@@ -0,0 +1,21 @@
+diff --git a/common/parse.c b/common/parse.c
+index e78223c2..656b378b 100644
+--- a/common/parse.c
++++ b/common/parse.c
+@@ -5790,13 +5790,14 @@ int parse_X (cfile, buf, max)
+ skip_to_semi (cfile);
+ return 0;
+ }
+- convert_num (cfile, &buf [len], val, 16, 8);
+- if (len++ > max) {
++ if (len >= max) {
+ parse_warn (cfile,
+ "hexadecimal constant too long.");
+ skip_to_semi (cfile);
+ return 0;
+ }
++ convert_num (cfile, &buf [len], val, 16, 8);
++ len++;
+ token = peek_token (&val, (unsigned *)0, cfile);
+ if (token == COLON)
+ token = next_token (&val,
diff --git a/SPECS/dhcp.spec b/SPECS/dhcp.spec
index 568ff26..fc590dd 100644
--- a/SPECS/dhcp.spec
+++ b/SPECS/dhcp.spec
@@ -16,7 +16,7 @@
 Summary: Dynamic host configuration protocol software
 Name: dhcp
 Version: 4.3.6
-Release: 44%{?dist}
+Release: 44%{?dist}.1
 # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now. It should have never been used, but it was.
@@ -83,6 +83,7 @@ Patch47: dhcp-isc_heap_delete.patch
 Patch48: dhcp-bind-9.11.patch
 Patch49: dhcp-detect-system-time-jumps.patch
 Patch50: dhcp-key_algorithm.patch
+Patch51: dhcp-statement_parser.patch
 BuildRequires: autoconf
 BuildRequires: automake
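Review bot: The reordering in the `parse_X` hunk of SOURCES/dhcp-statement_parser.patch is the whole fix, yet nothing in the new code or in the patch file records why the bound has to be tested before `convert_num` runs. The removed lines stored into `buf[len]` first and rejected the input only once `len` was already greater than `max`, so a later cleanup could easily restore that order. I would add `/* Test the bound before convert_num() stores into buf[len]. */` above `if (len >= max) {`. The patch file should also get a short header naming CVE-2021-25217 and the upstream change it was taken from, since the only origin pointers are the Bugzilla comment in the spec and the changelog line. `parse_X` begins and ends outside the hunk, so whether every caller passes the real size of `buf` as `max` cannot be confirmed from here.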
@@ -361,6 +362,9 @@ rm bind/bind.tar.gz
 # https://github.com/isc-projects/dhcp/commit/e6ffc27f24321017a5ad9af3707f4e2e54bbac74
 %patch50 -p1 -b .key-alg
+# https://bugzilla.redhat.com/show_bug.cgi?id=1963807
+%patch51 -p1
+
 # Update paths in all man pages
 for page in client/dhclient.conf.5 client/dhclient.leases.5 \
 client/dhclient-script.8 client/dhclient.8 ; do
@@ -694,6 +698,9 @@ done
 %endif
 %changelog
+* Thu May 27 2021 Pavel Zhukov - 12:4.3.6-44.1
+- Fix for CVE-2021-25217
+
 * Fri Dec 11 2020 Pavel Zhukov - 12:4.3.6-44
 - Rebuild with new bind (#1904613)
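Review bot: In the `%prep` hunk, `%patch51 -p1` is applied without the `-b` backup suffix that the line just above it uses (`%patch50 -p1 -b .key-alg`), and its comment points only at a Bugzilla entry. For consistency I would write `%patch51 -p1 -b .statement-parser` (suffix name is a suggestion). The comment should also name the CVE that the changelog hunk cites, e.g. `# CVE-2021-25217, https://bugzilla.redhat.com/show_bug.cgi?id=1963807`, so the security fix can be identified from the spec even if the bug page is not readable.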