commit dhcp for openSUSE:12.1:Update:Test
Hello community, here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test checked in at 2012-01-18 01:39:33 Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old) and /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New) Package is "dhcp", Maintainer is "m...@suse.com" Changes: --- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes 2012-01-11 18:26:47.0 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes 2012-01-18 01:39:35.0 +0100 @@ -1,0 +2,17 @@ +Fri Jan 13 15:26:43 UTC 2012 - m...@suse.com + +- Updated to ISC dhcp-4.2.3-P2 release, providing a DDNS security fix: + Modify the DDNS handling code. In a previous patch we added logging + code to the DDNS handling. This code included a bug that caused it + to attempt to dereference a NULL pointer and eventually segfault. + While reviewing the code as we addressed this problem, we determined + that some of the updates to the lease structures would not work as + planned since the structures being updated were in the process of + being freed: these updates were removed. In addition we removed an + incorrect call to the DDNS removal function that could cause a failure + during the removal of DDNS information from the DNS server. + Thanks to Jasper Jongmans for reporting this issue. + ([ISC-Bugs #27078], CVE: CVE-2011-4868, bnc#741239) +- Removed obsolete dhcp-4.2.2-CVE-2011-4539-regex-DoS patch. + +--- Old: dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff dhcp-4.2.2.tar.bz2 New: dhcp-4.2.3-P2.tar.bz2 Other differences: -- ++ dhcp.spec ++ --- /var/tmp/diff_new_pack.5P8G8A/_old 2012-01-18 01:39:36.0 +0100 +++ /var/tmp/diff_new_pack.5P8G8A/_new 2012-01-18 01:39:36.0 +0100 @@ -17,7 +17,7 @@ # norootforbuild -%define isc_version 4.2.2 +%define isc_version 4.2.3-P2 %define susefw2dir%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define omc_prefix/usr/share/omc %define omc_svcdir%{omc_prefix}/svcinfo.d 
@@ -40,8 +40,8 @@ License:BSD3c(or similar) Group: Productivity/Networking/Boot/Servers AutoReqProv:on -Version:4.2.2 -Release:3 +Version:4.2.3.P2 +Release:0. Summary:Common Files Used by ISC DHCP Software Url:http://www.isc.org/software/dhcp Source0:dhcp-%{isc_version}.tar.bz2 @@ -88,10 +88,9 @@ Patch45:dhcp-4.2.2-dhclient-option-checks.bnc675052.diff Patch46:dhcp-4.2.2-close-on-exec.diff Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff -Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff -Patch49:dhcp-4.2.2-dhclient-option_param-a.diff -Patch50:dhcp-4.2.2-dhclient-log-pid.diff -Patch51:dhcp-4.2.2-dhclient-zero-length-options.patch +Patch48:dhcp-4.2.2-dhclient-option_param-a.diff +Patch49:dhcp-4.2.2-dhclient-log-pid.diff +Patch50:dhcp-4.2.2-dhclient-zero-length-options.patch ## PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -223,7 +222,6 @@ %patch48 -p1 %patch49 -p1 %patch50 -p1 -%patch51 -p1 ## find . -type f -name \*.cat\* -exec rm -f {} \; dos2unix contrib/ms2isc/* -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
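Review bot: the last bullet of the dhcp.changes hunk (@@ -1,0 +2,17 @@) calls dhcp-4.2.2-CVE-2011-4539-regex-DoS "obsolete" without saying why. The 2011-12-09 entry records that fix as extracted from 4.2.3-P1; if the patch is dropped because the 4.2.3-P2 tarball already contains it, say so and keep the CVE-2011-4539 and bnc#735610 references in the bullet, so the changelog still shows where that CVE is fixed once the patch file is gone.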
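Review bot: in the dhcp.spec hunk at @@ -88,10 +88,9 @@, removing Patch48 renumbers the three patches after it, so the "%patch48 -p1" to "%patch50 -p1" lines in the @@ -223,7 +222,6 @@ hunk now apply different files than before, although they appear there as unchanged context. Leaving Patch49 to Patch51 at their numbers and deleting only the Patch48 and "%patch48 -p1" lines would limit the change to the one removed fix. The retained patches still carry 4.2.2 in their file names while isc_version moves to 4.2.3-P2; confirm in the build log that each of them applies without fuzz or offsets.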
commit dhcp for openSUSE:12.1:Update:Test
Hello community, here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test checked in at 2012-01-11 18:26:45 Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old) and /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New) Package is "dhcp", Maintainer is "m...@suse.com" Changes: --- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes 2011-12-09 16:44:58.0 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes 2012-01-11 18:26:47.0 +0100 @@ -1,0 +2,10 @@ +Fri Jan 6 12:15:47 UTC 2012 - m...@suse.com + +- Fixed close-on-exec patch to not set it on stderr (bnc#732910) +- Fixed incorrect "a" array type option parsing causing to discard + e.g. classless static routes from lease file [reported as ISC-Bug + 27289] and zero-length option parsing such as dhcp6.rapid-commit + in dhclient6 [reported as ISC-Bug 27314] (bnc#739696). +- Fixed dhclient to include its pid number in syslog messages. + +--- New: dhcp-4.2.2-dhclient-log-pid.diff dhcp-4.2.2-dhclient-option_param-a.diff dhcp-4.2.2-dhclient-zero-length-options.patch Other differences: -- ++ dhcp.spec ++ --- /var/tmp/diff_new_pack.1oMSFm/_old 2012-01-11 18:26:47.0 +0100 +++ /var/tmp/diff_new_pack.1oMSFm/_new 2012-01-11 18:26:47.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package dhcp # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -89,6 +89,9 @@ Patch46:dhcp-4.2.2-close-on-exec.diff Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff +Patch49:dhcp-4.2.2-dhclient-option_param-a.diff +Patch50:dhcp-4.2.2-dhclient-log-pid.diff +Patch51:dhcp-4.2.2-dhclient-zero-length-options.patch ## PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build 
@@ -218,6 +221,9 @@ %patch46 -p1 %patch47 -p1 %patch48 -p1 +%patch49 -p1 +%patch50 -p1 +%patch51 -p1 ## find . -type f -name \*.cat\* -exec rm -f {} \; dos2unix contrib/ms2isc/* ++ dhcp-4.2.2-close-on-exec.diff ++ --- /var/tmp/diff_new_pack.1oMSFm/_old 2012-01-11 18:26:47.0 +0100 +++ /var/tmp/diff_new_pack.1oMSFm/_new 2012-01-11 18:26:47.0 +0100 @@ -24,21 +24,6 @@ index 82c26bb..a1cab01 100644 --- a/client/dhclient.c +++ b/client/dhclient.c -@@ -131,11 +131,11 @@ main(int argc, char **argv) { - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and - 2 (stderr) are open. To do this, we assume that when we - open a file the lowest available file descriptor is used. */ -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 0) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 1) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 2) - log_perror = 0; /* No sense logging to /dev/null. */ - else if (fd != -1) @@ -423,7 +423,7 @@ main(int argc, char **argv) { int e; @@ -84,19 +69,6 @@ if (leaseFile == NULL) { log_error ("can't create %s: %m", path_dhclient_db); return 0; -@@ -3472,9 +3472,9 @@ void go_daemon () - close(2); - - /* Reopen them on /dev/null. */ -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); - - write_client_pid_file (); - diff --git a/common/bpf.c b/common/bpf.c index 8bd5727..7b8f1d4 100644 --- a/common/bpf.c @@ -276,21 +248,6 @@ index f21f16f..d2aa90e 100644 --- a/relay/dhcrelay.c 
+++ b/relay/dhcrelay.c -@@ -183,11 +183,11 @@ main(int argc, char **argv) { - /* Make sure that file descriptors 0(stdin), 1,(stdout), and - 2(stderr) are open. To do this, we assume that when we - open a file the lowest available file descriptor is used. */ -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 0) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 1) -- fd = op
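Review bot: the dhcp.changes bullet "Fixed close-on-exec patch to not set it on stderr" understates what the dhcp-4.2.2-close-on-exec.diff hunks do. The hunks dropped from that patch (main() and go_daemon() in client/dhclient.c, main() in relay/dhcrelay.c) remove O_CLOEXEC from every open("/dev/null", O_RDWR) that re-establishes descriptors 0, 1 and 2, not only stderr, so the bullet should read "stdin, stdout and stderr". The reason also deserves a line in the patch header: per the comment in the hunk, those opens exist to make sure descriptors 0 to 2 are open, and with O_CLOEXEC they would be closed again across exec, leaving any program the daemon executes without standard descriptors.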
commit dhcp for openSUSE:12.1:Update:Test
Hello community, here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test checked in at 2011-12-09 16:44:52 Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old) and /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New) Package is "dhcp", Maintainer is "m...@suse.com" Changes: --- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes 2011-12-09 16:44:57.0 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes 2011-12-09 16:44:58.0 +0100 @@ -1,0 +2,10 @@ +Fri Dec 9 13:20:44 UTC 2011 - m...@suse.com + +- Applied security fix for a DoS due to processing certain regular + expressions, extracted from 4.2.3-P1 (bnc#735610, CVE-2011-4539): + * Add a check for a null pointer before calling the regexec function. +Without out this check we could, under some circumstances, pass +a null pointer to the regexec function causing it to segfault. +Thanks to a report from BlueCat Networks. [ISC-Bugs #26704] + +--- New: dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff Other differences: -- ++ dhcp.spec ++ --- /var/tmp/diff_new_pack.qElZuk/_old 2011-12-09 16:44:58.0 +0100 +++ /var/tmp/diff_new_pack.qElZuk/_new 2011-12-09 16:44:58.0 +0100 @@ -88,6 +88,7 @@ Patch45:dhcp-4.2.2-dhclient-option-checks.bnc675052.diff Patch46:dhcp-4.2.2-close-on-exec.diff Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff +Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff ## PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -216,6 +217,7 @@ %patch45 -p1 %patch46 -p1 %patch47 -p1 +%patch48 -p1 ## find . -type f -name \*.cat\* -exec rm -f {} \; dos2unix contrib/ms2isc/* ++ dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff ++ >From 34f5e08fd3265f950b460dd5886d15984e69a765 Mon Sep 17 00:00:00 2001 
From: Marius Tomaschewski Date: Fri, 9 Dec 2011 13:45:53 +0100 Subject: [PATCH] CVE-2011-4539 regex DoS Extracted from 4.2.3-P1: Add a check for a null pointer before calling the regexec function. Without out this check we could, under some circumstances, pass a null pointer to the regexec function causing it to segfault. Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]. Signed-off-by: Marius Tomaschewski --- common/dhcp-eval.5 |4 ++-- common/tree.c |1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/common/dhcp-eval.5 b/common/dhcp-eval.5 index 7228929..55765d4 100644 --- a/common/dhcp-eval.5 +++ b/common/dhcp-eval.5 @@ -133,8 +133,8 @@ extended regex(7) matching of the values of two data expressions, returning true if \fIdata-expression-1\fR matches against the regular expression evaluated by \fIdata-expression-2\fR, or false if it does not match or encounters some error. If either the left-hand side or the right-hand side -are null, the result is also false. The \fB~~\fR operator differs from the -\fB~=\fR operator in that it is case-insensitive. +are null or empty strings, the result is also false. The \fB~~\fR operator +differs from the \fB~=\fR operator in that it is case-insensitive. .RE .PP .I boolean-expression-1 \fBand\fR \fIboolean-expression-2\fR diff --git a/common/tree.c b/common/tree.c index d09107b..3c978b0 100644 --- a/common/tree.c +++ b/common/tree.c @@ -1120,6 +1120,7 @@ int evaluate_boolean_expression (result, packet, lease, client_state, *result = 0; memset(&re, 0, sizeof(re)); if (bleft && bright && + (left.data != NULL) && (right.data != NULL) && (regcomp(&re, (char *)right.data, regflags) == 0) && (regexec(&re, (char *)left.data, (size_t)0, NULL, 0) == 0)) *result = 1; -- 1.7.3.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
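Review bot: the common/tree.c hunk tests only the pointers, "(left.data != NULL) && (right.data != NULL)", while the common/dhcp-eval.5 hunk in the same patch now documents that "null or empty strings" yield false. Either add a length check next to the pointer check, or state in the commit message that an empty value always has a NULL data pointer, so that the man page and the code agree; as written, a non-NULL pointer to an empty string would still reach regcomp() and regexec(). The commit message and the dhcp.changes entry both read "Without out this check"; drop the extra "out".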