Package: release.debian.org Severity: normal Tags: trixie X-Debbugs-Cc: [email protected], [email protected] Control: affects -1 + src:dhcpcd User: [email protected] Usertags: pu
[ Reason ] Backporting fixes for 5 minor CVEs reported by DSA today. CVE-2025-70102 was fixed in 10.3.1 (Sid has 10.3.2) but never backported until now. Meanwhile, the fix for these four CVEs has long been sitting in upstream Git: CVE-2026-56113, CVE-2026-56114, CVE-2026-56116, CVE-2026-56117. All four patches have just been applied to Sid/Forky pending a new upstream release. [ Impact ] Minor. [ Tests ] Verified to boot on a host running Trixie. [ Risks ] Minor. Most of the patches are one-line fixes. Two of the patches are slightly more involved. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] * Imported patches for 5 CVEs. * Defuzzed all patches.
diff -Nru dhcpcd-10.1.0/debian/changelog dhcpcd-10.1.0/debian/changelog --- dhcpcd-10.1.0/debian/changelog 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/changelog 2026-06-26 18:23:21.000000000 +0300 @@ -1,3 +1,14 @@ +dhcpcd (1:10.1.0-11+deb13u3) trixie; urgency=medium + + * [patches] (Closes: #1140767) + + Cherry-pick upstream fix for CVE-2025-70102 (commit 117742d). + + Cherry-pick upstream fix for CVE-2026-56113 (commit 5733d3c). + + Cherry-pick upstream fix for CVE-2026-56114 (commit 2f00c7b). + + Cherry-pick upstream fix for CVE-2026-56116 (commit 708b4a5). + + Cherry-pick upstream fix for CVE-2026-56117 (commit 78ea09e). + + -- Martin-Éric Racine <[email protected]> Fri, 26 Jun 2026 18:23:21 +0300 + dhcpcd (1:10.1.0-11+deb13u2) trixie; urgency=medium * [patches] diff -Nru dhcpcd-10.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch dhcpcd-10.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch --- dhcpcd-10.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch 2026-06-26 18:13:59.000000000 +0300 @@ -0,0 +1,26 @@ +From 117742d755b591764036dd4218f314f748a3d2b7 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Sun, 21 Dec 2025 08:31:52 +0000 +Subject: [PATCH] options: Ensure ldop is not NULL dereferenced (#568) + +ldop itself cannot be non NULL as it points to the location. +but *ldop CAN be NULL. + +Fixes: CVE-2025-70102 + +Fixes #567. +--- + src/if-options.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/if-options.c ++++ b/src/if-options.c +@@ -1717,7 +1717,7 @@ + if (*edop) { + dop = &(*edop)->embopts; + dop_len = &(*edop)->embopts_len; +- } else if (ldop) { ++ } else if (*ldop) { + dop = &(*ldop)->embopts; + dop_len = &(*ldop)->embopts_len; + } else { diff -Nru dhcpcd-10.1.0/debian/patches/25689325f81c7a61bd48f5727eaae1d6f16e1328.patch dhcpcd-10.1.0/debian/patches/25689325f81c7a61bd48f5727eaae1d6f16e1328.patch --- dhcpcd-10.1.0/debian/patches/25689325f81c7a61bd48f5727eaae1d6f16e1328.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/25689325f81c7a61bd48f5727eaae1d6f16e1328.patch 2026-06-26 18:13:58.000000000 +0300 @@ -10,8 +10,6 @@ hooks/50-timesyncd.conf | 7 +++++++ 1 file changed, 7 insertions(+) -diff --git a/hooks/50-timesyncd.conf b/hooks/50-timesyncd.conf -index dff881732..8ee722bda 100644 --- a/hooks/50-timesyncd.conf +++ b/hooks/50-timesyncd.conf @@ -1,3 +1,10 @@ diff -Nru dhcpcd-10.1.0/debian/patches/2870767a79537b5d6918e7de80358b406fea0898.patch dhcpcd-10.1.0/debian/patches/2870767a79537b5d6918e7de80358b406fea0898.patch --- dhcpcd-10.1.0/debian/patches/2870767a79537b5d6918e7de80358b406fea0898.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/2870767a79537b5d6918e7de80358b406fea0898.patch 2026-06-26 18:13:58.000000000 +0300 @@ -16,11 +16,9 @@ src/dhcp6.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) -diff --git a/src/dhcp6.c b/src/dhcp6.c -index ee24b233..9c875a1a 100644 --- a/src/dhcp6.c +++ b/src/dhcp6.c -@@ -3585,8 +3585,6 @@ dhcp6_recvif(struct interface *ifp, const char *sfrom, +@@ -3585,8 +3585,6 @@ if (r->type == DHCP6_ADVERTISE) { struct ipv6_addr *ia; @@ -29,7 +27,7 @@ TAILQ_FOREACH(ia, &state->addrs, next) { if (!(ia->flags & (IPV6_AF_STALE | IPV6_AF_REQUEST))) break; -@@ -3599,11 +3597,14 @@ dhcp6_recvif(struct interface *ifp, const char *sfrom, +@@ -3599,11 +3597,14 @@ else loginfox("%s: ADV %s from %s", ifp->name, ia->saddr, sfrom); diff -Nru dhcpcd-10.1.0/debian/patches/2f00c7bfc408b6582d331932dfa47829c4819029.patch dhcpcd-10.1.0/debian/patches/2f00c7bfc408b6582d331932dfa47829c4819029.patch --- dhcpcd-10.1.0/debian/patches/2f00c7bfc408b6582d331932dfa47829c4819029.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/2f00c7bfc408b6582d331932dfa47829c4819029.patch 2026-06-26 18:13:59.000000000 +0300 @@ -0,0 +1,25 @@ +From 2f00c7bfc408b6582d331932dfa47829c4819029 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Tue, 23 Jun 2026 02:06:55 +0100 +Subject: [PATCH] DHCPv6: Prefix exclude option can be 17 octets (#671) + +Well that's a simple off by one error. + +Fixes: CVE-2026-56114 + +Reported-by: CuB3y0nd <[email protected]> +--- + src/dhcp6.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/dhcp6.c ++++ b/src/dhcp6.c +@@ -1010,7 +1010,7 @@ + + /* RFC6603 Section 4.2 */ + if (ap->prefix_exclude_len) { +- uint8_t exb[16], *ep, u8; ++ uint8_t exb[17], *ep, u8; + const uint8_t *pp; + + n = (size_t)((ap->prefix_exclude_len - diff -Nru dhcpcd-10.1.0/debian/patches/5733d3c59a5651f64357ac11c98b4f39895c8d25.patch dhcpcd-10.1.0/debian/patches/5733d3c59a5651f64357ac11c98b4f39895c8d25.patch --- dhcpcd-10.1.0/debian/patches/5733d3c59a5651f64357ac11c98b4f39895c8d25.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/5733d3c59a5651f64357ac11c98b4f39895c8d25.patch 2026-06-26 18:13:59.000000000 +0300 @@ -0,0 +1,83 @@ +From 5733d3c59a5651f64357ac11c98b4f39895c8d25 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Tue, 23 Jun 2026 02:17:10 +0100 +Subject: [PATCH] DHCPv6: When deprecating addresses, restart on prefix + deletions + +As that might invalidate the next address to iterate on. + +Fixes: CVE-2026-56113 + +Reported-by: CuB3y0nd <[email protected]> +--- + src/dhcp6.c | 21 ++++++++++++++++++--- + 1 file changed, 18 insertions(+), 3 deletions(-) + +--- a/src/dhcp6.c ++++ b/src/dhcp6.c +@@ -2485,12 +2485,13 @@ + } + + #ifndef SMALL +-static void ++static bool + dhcp6_deprecatedele(struct ipv6_addr *ia) + { + struct ipv6_addr *da, *dan, *dda; + struct timespec now; + struct dhcp6_state *state; ++ bool freed = false; + + timespecclear(&now); + TAILQ_FOREACH_SAFE(da, &ia->pd_pfxs, pd_next, dan) { +@@ -2516,11 +2517,14 @@ + if (IN6_ARE_ADDR_EQUAL(&dda->addr, &da->addr)) + break; + } +- if (dda != NULL) { ++ if (dda != ia && dda != NULL) { + TAILQ_REMOVE(&state->addrs, dda, next); + ipv6_freeaddr(dda); ++ freed = true; + } + } ++ ++ return freed; + } + #endif + +@@ -2528,7 +2532,11 @@ + dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs) + { + struct ipv6_addr *ia, *ian; ++#ifndef SMALL ++ bool again; ++#endif + ++again: + TAILQ_FOREACH_SAFE(ia, addrs, next, ian) { + if (ia->flags & IPV6_AF_EXTENDED) + ; +@@ -2550,7 +2558,9 @@ + /* If we delegated from this prefix, deprecate or remove + * the delegations. */ + if (ia->flags & IPV6_AF_PFXDELEGATION) +- dhcp6_deprecatedele(ia); ++ again = dhcp6_deprecatedele(ia); ++ else ++ again = false; + #endif + + if (ia->flags & IPV6_AF_REQUEST) { +@@ -2563,6 +2573,11 @@ + if (!(ia->flags & IPV6_AF_EXTENDED)) + ipv6_deleteaddr(ia); + ipv6_freeaddr(ia); ++#ifndef SMALL ++ /* Deletion may invalidate the next pointer so restart */ ++ if (again) ++ goto again; ++#endif + } + } + diff -Nru dhcpcd-10.1.0/debian/patches/5db90127b1c3128480a52559a9cdbd4949a0fed4.patch dhcpcd-10.1.0/debian/patches/5db90127b1c3128480a52559a9cdbd4949a0fed4.patch --- dhcpcd-10.1.0/debian/patches/5db90127b1c3128480a52559a9cdbd4949a0fed4.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/5db90127b1c3128480a52559a9cdbd4949a0fed4.patch 2026-06-26 18:13:59.000000000 +0300 @@ -12,10 +12,8 @@ src/dhcpcd.c | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) -Index: dhcpcd/src/dhcpcd.8.in -=================================================================== ---- dhcpcd.orig/src/dhcpcd.8.in 2025-12-25 12:13:13.270167489 +0200 -+++ dhcpcd/src/dhcpcd.8.in 2025-12-25 12:13:13.266167446 +0200 +--- a/src/dhcpcd.8.in ++++ b/src/dhcpcd.8.in @@ -523,18 +523,19 @@ Timeout after .Ar seconds , @@ -43,10 +41,8 @@ .It Fl u , Fl Fl userclass Ar class Tags the DHCPv4 message with the userclass .Ar class . -Index: dhcpcd/src/dhcpcd.c -=================================================================== ---- dhcpcd.orig/src/dhcpcd.c 2025-12-25 12:13:13.270167489 +0200 -+++ dhcpcd/src/dhcpcd.c 2025-12-25 12:13:13.266167446 +0200 +--- a/src/dhcpcd.c ++++ b/src/dhcpcd.c @@ -198,7 +198,7 @@ ctx = arg; diff -Nru dhcpcd-10.1.0/debian/patches/6acf895a66b143c42308777e085c1511cdebe5e0.patch dhcpcd-10.1.0/debian/patches/6acf895a66b143c42308777e085c1511cdebe5e0.patch --- dhcpcd-10.1.0/debian/patches/6acf895a66b143c42308777e085c1511cdebe5e0.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/6acf895a66b143c42308777e085c1511cdebe5e0.patch 2026-06-26 18:13:59.000000000 +0300 @@ -11,10 +11,8 @@ src/if-options.h | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) -Index: dhcpcd/src/dhcpcd.c -=================================================================== ---- dhcpcd.orig/src/dhcpcd.c 2025-12-25 12:13:07.890111273 +0200 -+++ dhcpcd/src/dhcpcd.c 2025-12-25 12:13:07.886111231 +0200 +--- a/src/dhcpcd.c ++++ b/src/dhcpcd.c @@ -208,7 +208,8 @@ eloop_exit(ctx->eloop, EXIT_FAILURE); return; @@ -34,10 +32,8 @@ { if (!dhcpcd_ipwaited(ctx)) return; -Index: dhcpcd/src/if-options.h -=================================================================== ---- dhcpcd.orig/src/if-options.h 2025-12-25 12:13:07.890111273 +0200 -+++ dhcpcd/src/if-options.h 2025-12-25 12:13:07.886111231 +0200 +--- a/src/if-options.h ++++ b/src/if-options.h @@ -85,7 +85,7 @@ #define DHCPCD_ANONYMOUS (1ULL << 21) #define DHCPCD_BACKGROUND (1ULL << 22) diff -Nru dhcpcd-10.1.0/debian/patches/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0.patch dhcpcd-10.1.0/debian/patches/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0.patch --- dhcpcd-10.1.0/debian/patches/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0.patch 2026-06-26 18:13:59.000000000 +0300 @@ -0,0 +1,22 @@ +From 708b4a56bae080a5b18c2e0c4c6fbe103131a2b0 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Tue, 23 Jun 2026 00:34:58 +0100 +Subject: [PATCH] IPv6ND: Free routeinfo when it expires (#670) + +Fixes: CVE-2026-56116 + +Reported-by: CuB3y0nd <[email protected]> +--- + src/ipv6nd.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/src/ipv6nd.c ++++ b/src/ipv6nd.c +@@ -1790,6 +1790,7 @@ + logwarnx("%s: expired route %s", + rap->iface->name, rinfo->sprefix); + TAILQ_REMOVE(&rap->rinfos, rinfo, next); ++ free(rinfo); + } + } + diff -Nru dhcpcd-10.1.0/debian/patches/78ea09ed1633a583dbcde6e7bab9df4639ec8a34.patch dhcpcd-10.1.0/debian/patches/78ea09ed1633a583dbcde6e7bab9df4639ec8a34.patch --- dhcpcd-10.1.0/debian/patches/78ea09ed1633a583dbcde6e7bab9df4639ec8a34.patch 1970-01-01 02:00:00.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/78ea09ed1633a583dbcde6e7bab9df4639ec8a34.patch 2026-06-26 18:14:00.000000000 +0300 @@ -0,0 +1,154 @@ +From 78ea09ed1633a583dbcde6e7bab9df4639ec8a34 Mon Sep 17 00:00:00 2001 +From: Roy Marples <[email protected]> +Date: Mon, 22 Jun 2026 23:41:53 +0100 +Subject: [PATCH] control: Avoid hangup in the recvdata path + +Instead return an error and bubble it up where it can be +hangup / freed more cleanly. + +Fixes: CVE-2026-56117 + +Reported-by: CuB3y0nd <[email protected]> +--- + src/control.c | 47 ++++++++++++++++++++++++------------------- + src/control.h | 2 +- + src/privsep-control.c | 7 ++++++- + 3 files changed, 33 insertions(+), 23 deletions(-) + +--- a/src/control.c ++++ b/src/control.c +@@ -115,10 +115,8 @@ + bytes = read(fd->fd, buffer, sizeof(buffer) - 1); + if (bytes == -1) + logerr(__func__); +- if (bytes == -1 || bytes == 0) { +- control_hangup(fd); +- return -1; +- } ++ if (bytes == -1 || bytes == 0) ++ return (int)bytes; + + #ifdef PRIVSEP + if (IN_PRIVSEP(fd->ctx)) { +@@ -134,15 +132,13 @@ + if (err == 1 && + ps_ctl_sendargs(fd, buffer, (size_t)bytes) == -1) { + logerr(__func__); +- control_free(fd); + return -1; + } +- return 0; ++ return 1; + } + #endif + +- control_recvdata(fd, buffer, (size_t)bytes); +- return 0; ++ return control_recvdata(fd, buffer, (size_t)bytes); + } + + static int +@@ -205,23 +201,31 @@ + control_handle_data(void *arg, unsigned short events) + { + struct fd_list *fd = arg; ++ int err; + + if (!(events & (ELE_READ | ELE_WRITE | ELE_HANGUP))) + logerrx("%s: unexpected event 0x%04x", __func__, events); + + if (events & ELE_WRITE && !(events & ELE_HANGUP)) { +- if (control_handle_write(fd) == -1) +- return; ++ err = control_handle_write(fd); ++ if (err == -1) ++ goto hangup; + } + if (events & ELE_READ) { +- if (control_handle_read(fd) == -1) +- return; ++ err = control_handle_read(fd); ++ if (err == -1 || err == 0) ++ goto hangup; + } + if (events & ELE_HANGUP) +- control_hangup(fd); ++ goto hangup; ++ ++ return; ++ ++hangup: ++ control_hangup(fd); + } + +-void ++int + control_recvdata(struct fd_list *fd, char *data, size_t len) + { + char *p = data, *e; +@@ -243,12 +247,13 @@ + if (e == NULL) { + errno = EINVAL; + logerrx("%s: no terminator", __func__); +- return; ++ return -1; + } +- if ((size_t)argc >= sizeof(argvp) / sizeof(argvp[0])) { ++ if ((size_t)argc + 1 >= ++ sizeof(argvp) / sizeof(argvp[0])) { + errno = ENOBUFS; + logerrx("%s: no arg buffer", __func__); +- return; ++ return -1; + } + *ap++ = p; + argc++; +@@ -268,12 +273,12 @@ + *ap = NULL; + if (dhcpcd_handleargs(fd->ctx, fd, argc, argvp) == -1) { + logerr(__func__); +- if (errno != EINTR && errno != EAGAIN) { +- control_free(fd); +- return; +- } ++ if (errno != EINTR && errno != EAGAIN) ++ return -1; + } + } ++ ++ return 1; + } + + struct fd_list * +--- a/src/control.h ++++ b/src/control.h +@@ -75,5 +75,5 @@ + void control_free(struct fd_list *); + void control_delete(struct fd_list *); + int control_queue(struct fd_list *, void *, size_t); +-void control_recvdata(struct fd_list *fd, char *, size_t); ++int control_recvdata(struct fd_list *fd, char *, size_t); + #endif +--- a/src/privsep-control.c ++++ b/src/privsep-control.c +@@ -110,6 +110,7 @@ + struct iovec *iov = msg->msg_iov; + struct fd_list *fd; + unsigned int fd_flags = FD_SENDLEN; ++ int err; + + switch (psm->ps_flags) { + case PS_CTL_PRIV: +@@ -133,7 +134,11 @@ + if (fd == NULL) + return -1; + ctx->ps_control_client = fd; +- control_recvdata(fd, iov->iov_base, iov->iov_len); ++ err = control_recvdata(fd, iov->iov_base, iov->iov_len); ++ if (err == -1 || err == 0) { ++ control_free(fd); ++ ctx->ps_control_client = NULL; ++ } + break; + case PS_CTL_EOF: + ctx->ps_control_client = NULL; diff -Nru dhcpcd-10.1.0/debian/patches/79c195b92f892c6f22fa07332c10fd9c2a8b679a.patch dhcpcd-10.1.0/debian/patches/79c195b92f892c6f22fa07332c10fd9c2a8b679a.patch --- dhcpcd-10.1.0/debian/patches/79c195b92f892c6f22fa07332c10fd9c2a8b679a.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/79c195b92f892c6f22fa07332c10fd9c2a8b679a.patch 2026-06-26 18:13:59.000000000 +0300 @@ -12,10 +12,8 @@ src/dhcpcd.conf | 5 ----- 1 file changed, 5 deletions(-) -Index: dhcpcd/src/dhcpcd.conf -=================================================================== ---- dhcpcd.orig/src/dhcpcd.conf 2025-12-25 12:13:02.454054469 +0200 -+++ dhcpcd/src/dhcpcd.conf 2025-12-25 12:13:02.450054426 +0200 +--- a/src/dhcpcd.conf ++++ b/src/dhcpcd.conf @@ -34,11 +34,6 @@ # Most distributions have NTP support. option ntp_servers diff -Nru dhcpcd-10.1.0/debian/patches/Debian_uncomment_hostname_in_dhcpcd_conf.patch dhcpcd-10.1.0/debian/patches/Debian_uncomment_hostname_in_dhcpcd_conf.patch --- dhcpcd-10.1.0/debian/patches/Debian_uncomment_hostname_in_dhcpcd_conf.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/Debian_uncomment_hostname_in_dhcpcd_conf.patch 2026-06-26 15:50:44.000000000 +0300 @@ -6,10 +6,8 @@ Debian really wants DDNS to work out of the box, so let's uncomment 'hostname' in /etc/dhcpcd.conf until this has been fixed upstream. -Index: dhcpcd/src/dhcpcd.conf -=================================================================== ---- dhcpcd.orig/src/dhcpcd.conf 2025-12-25 11:45:29.344483026 +0200 -+++ dhcpcd/src/dhcpcd.conf 2025-12-25 11:45:34.000000000 +0200 +--- a/src/dhcpcd.conf ++++ b/src/dhcpcd.conf @@ -5,7 +5,7 @@ #controlgroup wheel diff -Nru dhcpcd-10.1.0/debian/patches/Debian_uncomment_ntp_servers_dhcpcd_conf.patch dhcpcd-10.1.0/debian/patches/Debian_uncomment_ntp_servers_dhcpcd_conf.patch --- dhcpcd-10.1.0/debian/patches/Debian_uncomment_ntp_servers_dhcpcd_conf.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/Debian_uncomment_ntp_servers_dhcpcd_conf.patch 2026-06-26 18:13:58.000000000 +0300 @@ -6,10 +6,8 @@ Debian really wants NTP to work out of the box, so let's uncomment 'ntp_servers' in /etc/dhcpcd.conf until this got fixed upstream. -Index: dhcpcd/src/dhcpcd.conf -=================================================================== ---- dhcpcd.orig/src/dhcpcd.conf 2025-12-25 12:09:38.715924208 +0200 -+++ dhcpcd/src/dhcpcd.conf 2025-12-25 12:09:38.715924208 +0200 +--- a/src/dhcpcd.conf ++++ b/src/dhcpcd.conf @@ -32,7 +32,7 @@ option host_name diff -Nru dhcpcd-10.1.0/debian/patches/e9e40400003db2e4f12dba85acabbaf2212a520f.patch dhcpcd-10.1.0/debian/patches/e9e40400003db2e4f12dba85acabbaf2212a520f.patch --- dhcpcd-10.1.0/debian/patches/e9e40400003db2e4f12dba85acabbaf2212a520f.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/e9e40400003db2e4f12dba85acabbaf2212a520f.patch 2026-06-26 18:13:58.000000000 +0300 @@ -10,10 +10,8 @@ src/privsep-linux.c | 3 +++ 1 file changed, 3 insertions(+) -Index: dhcpcd/src/privsep-linux.c -=================================================================== ---- dhcpcd.orig/src/privsep-linux.c 2025-12-25 11:45:29.352483114 +0200 -+++ dhcpcd/src/privsep-linux.c 2025-12-25 12:12:35.000000000 +0200 +--- a/src/privsep-linux.c ++++ b/src/privsep-linux.c @@ -409,6 +409,9 @@ #ifdef __NR_recvmsg SECCOMP_ALLOW(__NR_recvmsg), diff -Nru dhcpcd-10.1.0/debian/patches/eac7152ec04f5a330f01ab9504514a03f873b35c.patch dhcpcd-10.1.0/debian/patches/eac7152ec04f5a330f01ab9504514a03f873b35c.patch --- dhcpcd-10.1.0/debian/patches/eac7152ec04f5a330f01ab9504514a03f873b35c.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/eac7152ec04f5a330f01ab9504514a03f873b35c.patch 2026-06-26 18:13:59.000000000 +0300 @@ -8,10 +8,8 @@ src/ipv4.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) -Index: dhcpcd/src/ipv4.c -=================================================================== ---- dhcpcd.orig/src/ipv4.c 2025-12-25 12:13:16.966206104 +0200 -+++ dhcpcd/src/ipv4.c 2025-12-25 12:13:16.962206062 +0200 +--- a/src/ipv4.c ++++ b/src/ipv4.c @@ -524,6 +524,7 @@ struct ipv4_state *state; struct ipv4_addr *ap; diff -Nru dhcpcd-10.1.0/debian/patches/fdeb8c7945211d424c3a30912004eeb56e009865.patch dhcpcd-10.1.0/debian/patches/fdeb8c7945211d424c3a30912004eeb56e009865.patch --- dhcpcd-10.1.0/debian/patches/fdeb8c7945211d424c3a30912004eeb56e009865.patch 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/fdeb8c7945211d424c3a30912004eeb56e009865.patch 2026-06-26 18:13:58.000000000 +0300 @@ -10,11 +10,9 @@ src/dhcp6.c | 45 ++++++++++++++++++++++++++++----------------- 1 file changed, 28 insertions(+), 17 deletions(-) -diff --git a/src/dhcp6.c b/src/dhcp6.c -index 9c875a1a..5d0050a5 100644 --- a/src/dhcp6.c +++ b/src/dhcp6.c -@@ -3302,7 +3302,7 @@ dhcp6_recvif(struct interface *ifp, const char *sfrom, +@@ -3302,7 +3302,7 @@ size_t i; const char *op; struct dhcp6_state *state; @@ -23,7 +21,7 @@ uint16_t ol; const struct dhcp_opt *opt; const struct if_options *ifo; -@@ -3464,16 +3464,24 @@ dhcp6_recvif(struct interface *ifp, const char *sfrom, +@@ -3464,16 +3464,24 @@ valid_op = false; break; } @@ -56,7 +54,7 @@ /* RFC7083 */ o = dhcp6_findmoption(r, len, D6_OPTION_SOL_MAX_RT, &ol); if (o && ol == sizeof(uint32_t)) { -@@ -3592,16 +3600,19 @@ dhcp6_recvif(struct interface *ifp, const char *sfrom, +@@ -3592,16 +3600,19 @@ if (ia == NULL) ia = TAILQ_FIRST(&state->addrs); if (ia == NULL) diff -Nru dhcpcd-10.1.0/debian/patches/series dhcpcd-10.1.0/debian/patches/series --- dhcpcd-10.1.0/debian/patches/series 2025-12-25 11:40:14.000000000 +0200 +++ dhcpcd-10.1.0/debian/patches/series 2026-06-26 18:13:25.000000000 +0300 @@ -8,3 +8,8 @@ 6acf895a66b143c42308777e085c1511cdebe5e0.patch 5db90127b1c3128480a52559a9cdbd4949a0fed4.patch eac7152ec04f5a330f01ab9504514a03f873b35c.patch +117742d755b591764036dd4218f314f748a3d2b7.patch +2f00c7bfc408b6582d331932dfa47829c4819029.patch +5733d3c59a5651f64357ac11c98b4f39895c8d25.patch +708b4a56bae080a5b18c2e0c4c6fbe103131a2b0.patch +78ea09ed1633a583dbcde6e7bab9df4639ec8a34.patch
