Hi Attached are tested diffs for Jessie and Wheezy.
Regards, Bastian -- Bastian Blank Berater Telefon: +49 2161 / 4643-194 E-Mail: [email protected] credativ GmbH, HRB Mönchengladbach 12080, USt-ID-Nummer: DE204566209 Hohenzollernstr. 133, 41061 Mönchengladbach Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer
diff -Nru isc-dhcp-4.2.2.dfsg.1/debian/changelog isc-dhcp-4.2.2.dfsg.1/debian/changelog --- isc-dhcp-4.2.2.dfsg.1/debian/changelog 2013-05-27 20:55:36.000000000 +0000 +++ isc-dhcp-4.2.2.dfsg.1/debian/changelog 2015-10-07 09:14:01.000000000 +0000 @@ -1,3 +1,9 @@ +isc-dhcp (4.2.2.dfsg.1-5+deb70u7) UNRELEASED; urgency=low + + * Fix error when max lease time is used on 64-bit systems (closes: #795227). + + -- Bastian Blank <[email protected]> Wed, 07 Oct 2015 09:12:44 +0000 + isc-dhcp (4.2.2.dfsg.1-5+deb70u6) stable-proposed-updates; urgency=medium * Set --with-ldapcrypto to restore openssl support (closes: #692808). diff -Nru isc-dhcp-4.2.2.dfsg.1/debian/patches/dhclient-64bit-time.patch isc-dhcp-4.2.2.dfsg.1/debian/patches/dhclient-64bit-time.patch --- isc-dhcp-4.2.2.dfsg.1/debian/patches/dhclient-64bit-time.patch 1970-01-01 00:00:00.000000000 +0000 +++ isc-dhcp-4.2.2.dfsg.1/debian/patches/dhclient-64bit-time.patch 2015-10-07 09:03:49.000000000 +0000 @@ -0,0 +1,30 @@ +description: fix for unsafe 64-bit time calculation on large leases +author: Ben Howard <[email protected]> +origin: https://bugzilla.redhat.com/attachment.cgi?id=600673 +bug: https://launchpad.net/bugs/1189571 +bug-debian: https://bugs.debian.org/795227 + +--- a/common/dispatch.c ++++ b/common/dispatch.c +@@ -339,7 +339,20 @@ void add_timeout (when, where, what, ref + q->next = timeouts; + timeouts = q; + +- isc_interval_set(&interval, sec & DHCP_SEC_MAX, usec * 1000); ++ /* isc_time_nowplusinterval() is not safe with 64-bit time_t and will ++ * return an error for sufficiently large intervals. We have to limit ++ * the interval to INT_MAX or less to ensure the interval doesn't ++ * overflow 32 bits, since the returned isc_time_t fields are ++ * 32-bit unsigned ints. ++ * ++ * HACK: The 9 is a magic number of seconds, since some time may have ++ * gone by since the last call to gettimeofday() and the one in ++ * isc_time_nowplusinterval(). ++ */ ++ if (sec > TIME_MAX) ++ sec = TIME_MAX - 9; ++ ++ isc_interval_set(&interval, sec, usec * 1000); + status = isc_time_nowplusinterval(&expires, &interval); + if (status != ISC_R_SUCCESS) { + /* diff -Nru isc-dhcp-4.2.2.dfsg.1/debian/patches/series isc-dhcp-4.2.2.dfsg.1/debian/patches/series --- isc-dhcp-4.2.2.dfsg.1/debian/patches/series 2013-02-16 20:40:20.000000000 +0000 +++ isc-dhcp-4.2.2.dfsg.1/debian/patches/series 2015-10-07 09:15:39.000000000 +0000 @@ -9,3 +9,4 @@ cve-2012-3954.patch cve-2012-3955.patch dhclient-exit-hook.patch +dhclient-64bit-time.patch
diff -Nru isc-dhcp-4.3.1/debian/changelog isc-dhcp-4.3.1/debian/changelog --- isc-dhcp-4.3.1/debian/changelog 2015-02-13 05:53:30.000000000 +0000 +++ isc-dhcp-4.3.1/debian/changelog 2015-10-07 09:06:24.000000000 +0000 @@ -1,3 +1,9 @@ +isc-dhcp (4.3.1-6+deb8u1) UNRELEASED; urgency=medium + + * Fix error when max lease time is used on 64-bit systems (closes: #795227). + + -- Bastian Blank <[email protected]> Wed, 07 Oct 2015 09:05:38 +0000 + isc-dhcp (4.3.1-6) unstable; urgency=medium * Fix a regression in error handling for the server's init script diff -Nru isc-dhcp-4.3.1/debian/patches/dhclient-64bit-time.patch isc-dhcp-4.3.1/debian/patches/dhclient-64bit-time.patch --- isc-dhcp-4.3.1/debian/patches/dhclient-64bit-time.patch 1970-01-01 00:00:00.000000000 +0000 +++ isc-dhcp-4.3.1/debian/patches/dhclient-64bit-time.patch 2015-10-07 09:03:56.000000000 +0000 @@ -0,0 +1,30 @@ +description: fix for unsafe 64-bit time calculation on large leases +author: Ben Howard <[email protected]> +origin: https://bugzilla.redhat.com/attachment.cgi?id=600673 +bug: https://launchpad.net/bugs/1189571 +bug-debian: https://bugs.debian.org/795227 + +--- a/common/dispatch.c ++++ b/common/dispatch.c +@@ -339,7 +339,20 @@ void add_timeout (when, where, what, ref + q->next = timeouts; + timeouts = q; + +- isc_interval_set(&interval, sec & DHCP_SEC_MAX, usec * 1000); ++ /* isc_time_nowplusinterval() is not safe with 64-bit time_t and will ++ * return an error for sufficiently large intervals. We have to limit ++ * the interval to INT_MAX or less to ensure the interval doesn't ++ * overflow 32 bits, since the returned isc_time_t fields are ++ * 32-bit unsigned ints. ++ * ++ * HACK: The 9 is a magic number of seconds, since some time may have ++ * gone by since the last call to gettimeofday() and the one in ++ * isc_time_nowplusinterval(). ++ */ ++ if (sec > TIME_MAX) ++ sec = TIME_MAX - 9; ++ ++ isc_interval_set(&interval, sec, usec * 1000); + status = isc_time_nowplusinterval(&expires, &interval); + if (status != ISC_R_SUCCESS) { + /* diff -Nru isc-dhcp-4.3.1/debian/patches/series isc-dhcp-4.3.1/debian/patches/series --- isc-dhcp-4.3.1/debian/patches/series 2014-12-15 00:02:05.000000000 +0000 +++ isc-dhcp-4.3.1/debian/patches/series 2015-10-07 09:04:33.000000000 +0000 @@ -1,6 +1,7 @@ dhclient-script-exit-status.patch dhclient-exit-hook.patch dhclient-dividebyzero.patch +dhclient-64bit-time.patch no-loopback-checksum.patch
