import dhcp-4.3.6-49.el8

This commit is contained in:
CentOS Sources 2023-03-28 08:31:56 +00:00 committed by root
parent 62902ef620
commit e24d76c907
4 changed files with 87 additions and 1 deletions

View File

@ -0,0 +1,32 @@
diff --git a/common/options.c b/common/options.c
index ed8ac38..addc65a 100644
--- a/common/options.c
+++ b/common/options.c
@@ -4397,6 +4397,8 @@ add_option(struct option_state *options,
if (!option_cache_allocate(&oc, MDL)) {
log_error("No memory for option cache adding %s (option %d).",
option->name, option_num);
+ /* Get rid of reference created during hash lookup. */
+ option_dereference(&option, MDL);
return 0;
}
@@ -4408,6 +4410,8 @@ add_option(struct option_state *options,
MDL)) {
log_error("No memory for constant data adding %s (option %d).",
option->name, option_num);
+ /* Get rid of reference created during hash lookup. */
+ option_dereference(&option, MDL);
option_cache_dereference(&oc, MDL);
return 0;
}
@@ -4416,6 +4420,9 @@ add_option(struct option_state *options,
save_option(&dhcp_universe, options, oc);
option_cache_dereference(&oc, MDL);
+ /* Get rid of reference created during hash lookup. */
+ option_dereference(&option, MDL);
+
return 1;
}

View File

@ -0,0 +1,25 @@
diff --git a/common/options.c b/common/options.c
index addc65a..3e6383a 100644
--- a/common/options.c
+++ b/common/options.c
@@ -435,16 +435,16 @@ int fqdn_universe_decode (struct option_state *options,
while (s < &bp -> data[0] + length + 2) {
len = *s;
if (len > 63) {
- log_info ("fancy bits in fqdn option");
- return 0;
+ log_info ("label length exceeds 63 in fqdn option");
+ goto bad;
}
if (len == 0) {
terminated = 1;
break;
}
if (s + len > &bp -> data [0] + length + 3) {
- log_info ("fqdn tag longer than buffer");
- return 0;
+ log_info ("fqdn label longer than buffer");
+ goto bad;
}
if (first_len == 0) {

View File

@ -0,0 +1,12 @@
diff --git a/common/options.c b/common/options.c
index 3e6383a..9216ae4 100644
--- a/common/options.c
+++ b/common/options.c
@@ -1122,7 +1122,6 @@ store_options6(char *buf, int buflen,
*/
if (code == vsio_option_code) {
vsio_wanted = 1;
- continue;
}
/*

View File

@ -16,7 +16,7 @@
Summary: Dynamic host configuration protocol software Summary: Dynamic host configuration protocol software
Name: dhcp Name: dhcp
Version: 4.3.6 Version: 4.3.6
Release: 48%{?dist} Release: 49%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and # dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was. # that's why it is at 12 now. It should have never been used, but it was.
@ -85,6 +85,9 @@ Patch49: dhcp-detect-system-time-jumps.patch
Patch50: dhcp-key_algorithm.patch Patch50: dhcp-key_algorithm.patch
Patch51: dhcp-statement_parser.patch Patch51: dhcp-statement_parser.patch
Patch52: dhcp-omshell-hmac-sha512-support.patch Patch52: dhcp-omshell-hmac-sha512-support.patch
Patch53: dhcp-CVE-2022-2928.patch
Patch54: dhcp-CVE-2022-2929.patch
Patch55: dhcp-dhcp6-vendor-opts.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
@ -369,6 +372,15 @@ rm bind/bind.tar.gz
# https://bugzilla.redhat.com/show_bug.cgi?id=2016248 # https://bugzilla.redhat.com/show_bug.cgi?id=2016248
%patch52 -p1 %patch52 -p1
# https://bugzilla.redhat.com/show_bug.cgi?id=2132248
%patch53 -p1
# https://bugzilla.redhat.com/show_bug.cgi?id=2132245
%patch54 -p1
# https://bugzilla.redhat.com/show_bug.cgi?id=2142024
%patch55 -p1
# Update paths in all man pages # Update paths in all man pages
for page in client/dhclient.conf.5 client/dhclient.leases.5 \ for page in client/dhclient.conf.5 client/dhclient.leases.5 \
client/dhclient-script.8 client/dhclient.8 ; do client/dhclient-script.8 client/dhclient.8 ; do
@ -702,6 +714,11 @@ done
%endif %endif
%changelog %changelog
* Tue Oct 11 2022 Martin Osvald <mosvald@redhat.com> - 12:4.3.6-49
- Fix for CVE-2022-2928
- Fix for CVE-2022-2929
- send back dhcp6.vendor-opts again (#2142024)
* Tue May 10 2022 Martin Osvald <mosvald@redhat.com> - 12:4.3.6-48 * Tue May 10 2022 Martin Osvald <mosvald@redhat.com> - 12:4.3.6-48
- omshell: add support for hmac-sha512 algorithm (#2016248) - omshell: add support for hmac-sha512 algorithm (#2016248)