commit dhcp for openSUSE:12.1:Update:Test

2012-01-17 Thread h_root
Hello community,

here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test 
checked in at 2012-01-18 01:39:33

Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New)


Package is "dhcp", Maintainer is "m...@suse.com"

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes   2012-01-11 
18:26:47.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes  2012-01-18 
01:39:35.0 +0100
@@ -1,0 +2,17 @@
+Fri Jan 13 15:26:43 UTC 2012 - m...@suse.com
+
+- Updated to ISC dhcp-4.2.3-P2 release, providing a DDNS security fix:
+  Modify the DDNS handling code. In a previous patch we added logging
+  code to the DDNS handling.  This code included a bug that caused it
+  to attempt to dereference a NULL pointer and eventually segfault.
+  While reviewing the code as we addressed this problem, we determined
+  that some of the updates to the lease structures would not work as
+  planned since the structures being updated were in the process of
+  being freed: these updates were removed.  In addition we removed an
+  incorrect call to the DDNS removal function that could cause a failure
+  during the removal of DDNS information from the DNS server.
+  Thanks to Jasper Jongmans for reporting this issue.
+  ([ISC-Bugs #27078], CVE: CVE-2011-4868, bnc#741239)
+- Removed obsolete dhcp-4.2.2-CVE-2011-4539-regex-DoS patch.
+
+---
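Review bot: the last entry ("Removed obsolete dhcp-4.2.2-CVE-2011-4539-regex-DoS patch") does not say why the patch is obsolete. Because that patch carried a CVE fix, the entry should state whether the fix is now part of the upstream 4.2.3-P2 tarball, so that anyone auditing the package for CVE-2011-4539 coverage can see it from the changelog alone.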

Old:

  dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff
  dhcp-4.2.2.tar.bz2

New:

  dhcp-4.2.3-P2.tar.bz2



Other differences:
--
++ dhcp.spec ++
--- /var/tmp/diff_new_pack.5P8G8A/_old  2012-01-18 01:39:36.0 +0100
+++ /var/tmp/diff_new_pack.5P8G8A/_new  2012-01-18 01:39:36.0 +0100
@@ -17,7 +17,7 @@
 
 # norootforbuild
 
-%define isc_version   4.2.2
+%define isc_version   4.2.3-P2
 %define susefw2dir%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
 %define omc_prefix/usr/share/omc
 %define omc_svcdir%{omc_prefix}/svcinfo.d
@@ -40,8 +40,8 @@
 License:BSD3c(or similar)
 Group:  Productivity/Networking/Boot/Servers
 AutoReqProv:on
-Version:4.2.2
-Release:3
+Version:4.2.3.P2
+Release:0.
 Summary:Common Files Used by ISC DHCP Software
 Url:http://www.isc.org/software/dhcp
 Source0:dhcp-%{isc_version}.tar.bz2
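Review bot: the Version tag (4.2.3.P2) is maintained by hand next to the isc_version define (4.2.3-P2) from the previous hunk, with a dot in one and a hyphen in the other. RPM does not allow a hyphen in Version, so the difference is needed, but a one-line comment above Version saying so would keep a later update from changing only one of the two. The Release value also looks incomplete as shown ("0."); check that the spec carries the intended value.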
@@ -88,10 +88,9 @@
 Patch45:dhcp-4.2.2-dhclient-option-checks.bnc675052.diff
 Patch46:dhcp-4.2.2-close-on-exec.diff
 Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff
-Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff
-Patch49:dhcp-4.2.2-dhclient-option_param-a.diff
-Patch50:dhcp-4.2.2-dhclient-log-pid.diff
-Patch51:dhcp-4.2.2-dhclient-zero-length-options.patch
+Patch48:dhcp-4.2.2-dhclient-option_param-a.diff
+Patch49:dhcp-4.2.2-dhclient-log-pid.diff
+Patch50:dhcp-4.2.2-dhclient-zero-length-options.patch
 ##
 PreReq: /bin/touch /sbin/chkconfig sysconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
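Review bot: Patch48 to Patch50 are reused for different files here (Patch48 was the CVE-2011-4539 fix and is now dhclient-option_param-a), which makes the spec history harder to follow and only works as long as the %patch lines in the next hunk stay in step. Removing just the old Patch48 line and leaving 49 to 51 numbered as they were would keep the change to one line per section. The remaining patches also still carry the 4.2.2 prefix while Source0 now resolves to 4.2.3-P2; confirm they apply without fuzz.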
@@ -223,7 +222,6 @@
 %patch48 -p1
 %patch49 -p1
 %patch50 -p1
-%patch51 -p1
 ##
 find . -type f -name \*.cat\* -exec rm -f {} \;
 dos2unix contrib/ms2isc/*



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit dhcp for openSUSE:12.1:Update:Test

2012-01-11 Thread h_root
Hello community,

here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test 
checked in at 2012-01-11 18:26:45

Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New)


Package is "dhcp", Maintainer is "m...@suse.com"

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes   2011-12-09 
16:44:58.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes  2012-01-11 
18:26:47.0 +0100
@@ -1,0 +2,10 @@
+Fri Jan  6 12:15:47 UTC 2012 - m...@suse.com
+
+- Fixed close-on-exec patch to not set it on stderr (bnc#732910)
+- Fixed incorrect "a" array type option parsing causing to discard
+  e.g. classless static routes from lease file [reported as ISC-Bug
+  27289] and zero-length option parsing such as dhcp6.rapid-commit
+  in dhclient6 [reported as ISC-Bug 27314] (bnc#739696).
+- Fixed dhclient to include its pid number in syslog messages.
+
+---

New:

  dhcp-4.2.2-dhclient-log-pid.diff
  dhcp-4.2.2-dhclient-option_param-a.diff
  dhcp-4.2.2-dhclient-zero-length-options.patch



Other differences:
--
++ dhcp.spec ++
--- /var/tmp/diff_new_pack.1oMSFm/_old  2012-01-11 18:26:47.0 +0100
+++ /var/tmp/diff_new_pack.1oMSFm/_new  2012-01-11 18:26:47.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package dhcp
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -89,6 +89,9 @@
 Patch46:dhcp-4.2.2-close-on-exec.diff
 Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff
 Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff
+Patch49:dhcp-4.2.2-dhclient-option_param-a.diff
+Patch50:dhcp-4.2.2-dhclient-log-pid.diff
+Patch51:dhcp-4.2.2-dhclient-zero-length-options.patch
 ##
 PreReq: /bin/touch /sbin/chkconfig sysconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
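Review bot: the three new patch names carry no bug reference and mix suffixes (".diff" twice, ".patch" once), while the neighbouring entries follow the pattern "dhcp-4.2.2-quiet-dhclient.bnc711420.diff". The changelog ties the option_param-a and zero-length-options fixes to bnc#739696; putting that reference into the file names and using ".diff" throughout would keep the patch list consistent and searchable by bug number.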
@@ -218,6 +221,9 @@
 %patch46 -p1
 %patch47 -p1
 %patch48 -p1
+%patch49 -p1
+%patch50 -p1
+%patch51 -p1
 ##
 find . -type f -name \*.cat\* -exec rm -f {} \;
 dos2unix contrib/ms2isc/*

++ dhcp-4.2.2-close-on-exec.diff ++
--- /var/tmp/diff_new_pack.1oMSFm/_old  2012-01-11 18:26:47.0 +0100
+++ /var/tmp/diff_new_pack.1oMSFm/_new  2012-01-11 18:26:47.0 +0100
@@ -24,21 +24,6 @@
 index 82c26bb..a1cab01 100644
 --- a/client/dhclient.c
 +++ b/client/dhclient.c
-@@ -131,11 +131,11 @@ main(int argc, char **argv) {
-   /* Make sure that file descriptors 0 (stdin), 1, (stdout), and
-  2 (stderr) are open. To do this, we assume that when we
-  open a file the lowest available file descriptor is used. */
--  fd = open("/dev/null", O_RDWR);
-+  fd = open("/dev/null", O_RDWR | O_CLOEXEC);
-   if (fd == 0)
--  fd = open("/dev/null", O_RDWR);
-+  fd = open("/dev/null", O_RDWR | O_CLOEXEC);
-   if (fd == 1)
--  fd = open("/dev/null", O_RDWR);
-+  fd = open("/dev/null", O_RDWR | O_CLOEXEC);
-   if (fd == 2)
-   log_perror = 0; /* No sense logging to /dev/null. */
-   else if (fd != -1)
 @@ -423,7 +423,7 @@ main(int argc, char **argv) {
int e;
  
@@ -84,19 +69,6 @@
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
-@@ -3472,9 +3472,9 @@ void go_daemon ()
-   close(2);
- 
-   /* Reopen them on /dev/null. */
--  open("/dev/null", O_RDWR);
--  open("/dev/null", O_RDWR);
--  open("/dev/null", O_RDWR);
-+  open("/dev/null", O_RDWR | O_CLOEXEC);
-+  open("/dev/null", O_RDWR | O_CLOEXEC);
-+  open("/dev/null", O_RDWR | O_CLOEXEC);
- 
-   write_client_pid_file ();
- 
 diff --git a/common/bpf.c b/common/bpf.c
 index 8bd5727..7b8f1d4 100644
 --- a/common/bpf.c
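Review bot: the sub-hunk dropped here for go_daemon() covers all three open() calls that reopen /dev/null, not only the one that ends up as stderr, while the changelog entry for bnc#732910 says only that the flag is no longer set on stderr. Either the changelog should name stdin, stdout and stderr, or the header of dhcp-4.2.2-close-on-exec.diff should explain why all three are excluded. A short list in that header of the open() calls left without O_CLOEXEC on purpose would also keep a later refresh of the patch from adding them back.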
@@ -276,21 +248,6 @@
 index f21f16f..d2aa90e 100644
 --- a/relay/dhcrelay.c
 +++ b/relay/dhcrelay.c
-@@ -183,11 +183,11 @@ main(int argc, char **argv) {
-   /* Make sure that file descriptors 0(stdin), 1,(stdout), and
-  2(stderr) are open. To do this, we assume that when we
-  open a file the lowest available file descriptor is used. */
--  fd = open("/dev/null", O_RDWR);
-+  fd = open("/dev/null", O_RDWR | O_CLOEXEC);
-   if (fd == 0)
--  fd = open("/dev/null", O_RDWR);
-+  fd = open("/dev/null", O_RDWR | O_CLOEXEC);
-   if (fd == 1)
--  fd = op

commit dhcp for openSUSE:12.1:Update:Test

2011-12-09 Thread h_root
Hello community,

here is the log from the commit of package dhcp for openSUSE:12.1:Update:Test 
checked in at 2011-12-09 16:44:52

Comparing /work/SRC/openSUSE:12.1:Update:Test/dhcp (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new (New)


Package is "dhcp", Maintainer is "m...@suse.com"

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/dhcp/dhcp.changes   2011-12-09 
16:44:57.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.dhcp.new/dhcp.changes  2011-12-09 
16:44:58.0 +0100
@@ -1,0 +2,10 @@
+Fri Dec  9 13:20:44 UTC 2011 - m...@suse.com
+
+- Applied security fix for a DoS due to processing certain regular
+  expressions, extracted from 4.2.3-P1 (bnc#735610, CVE-2011-4539):
+  * Add a check for a null pointer before calling the regexec function.
+Without out this check we could, under some circumstances, pass
+a null pointer to the regexec function causing it to segfault.
+Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]
+
+---
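Review bot: typo in the new entry, "Without out this check" should read "Without this check".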

New:

  dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff



Other differences:
--
++ dhcp.spec ++
--- /var/tmp/diff_new_pack.qElZuk/_old  2011-12-09 16:44:58.0 +0100
+++ /var/tmp/diff_new_pack.qElZuk/_new  2011-12-09 16:44:58.0 +0100
@@ -88,6 +88,7 @@
 Patch45:dhcp-4.2.2-dhclient-option-checks.bnc675052.diff
 Patch46:dhcp-4.2.2-close-on-exec.diff
 Patch47:dhcp-4.2.2-quiet-dhclient.bnc711420.diff
+Patch48:dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff
 ##
 PreReq: /bin/touch /sbin/chkconfig sysconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
@@ -216,6 +217,7 @@
 %patch45 -p1
 %patch46 -p1
 %patch47 -p1
+%patch48 -p1
 ##
 find . -type f -name \*.cat\* -exec rm -f {} \;
 dos2unix contrib/ms2isc/*

++ dhcp-4.2.2-CVE-2011-4539-regex-DoS.bnc735610.diff ++
From 34f5e08fd3265f950b460dd5886d15984e69a765 Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski 
Date: Fri, 9 Dec 2011 13:45:53 +0100
Subject: [PATCH] CVE-2011-4539 regex DoS

Extracted from 4.2.3-P1:
Add a check for a null pointer before calling the regexec function.
Without this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks. [ISC-Bugs #26704].

Signed-off-by: Marius Tomaschewski 
---
 common/dhcp-eval.5 |4 ++--
 common/tree.c  |1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/common/dhcp-eval.5 b/common/dhcp-eval.5
index 7228929..55765d4 100644
--- a/common/dhcp-eval.5
+++ b/common/dhcp-eval.5
@@ -133,8 +133,8 @@ extended regex(7) matching of the values of two data 
expressions, returning
 true if \fIdata-expression-1\fR matches against the regular expression
 evaluated by \fIdata-expression-2\fR, or false if it does not match or
 encounters some error.  If either the left-hand side or the right-hand side 
-are null, the result is also false.  The \fB~~\fR operator differs from the
-\fB~=\fR operator in that it is case-insensitive.
+are null or empty strings, the result is also false.  The \fB~~\fR operator
+differs from the \fB~=\fR operator in that it is case-insensitive.
 .RE
 .PP
 .I boolean-expression-1 \fBand\fR \fIboolean-expression-2\fR
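Review bot: the man page now promises that null "or empty strings" on either side give false, but the only code change in this patch (the common/tree.c hunk) tests left.data and right.data for NULL. If a zero-length value can have a non-NULL data pointer, the documented behaviour and the code differ; either add a length check next to the NULL checks or keep the wording to "null".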
diff --git a/common/tree.c b/common/tree.c
index d09107b..3c978b0 100644
--- a/common/tree.c
+++ b/common/tree.c
@@ -1120,6 +1120,7 @@ int evaluate_boolean_expression (result, packet, lease, 
client_state,
*result = 0;
memset(&re, 0, sizeof(re));
if (bleft && bright &&
+   (left.data != NULL) && (right.data != NULL) &&
(regcomp(&re, (char *)right.data, regflags) == 0) &&
(regexec(&re, (char *)left.data, (size_t)0, NULL, 0) == 0))
*result = 1;
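Review bot: the added test only rules out NULL pointers; the two "(char *)" casts still hand right.data and left.data to regcomp() and regexec() as C strings, and nothing in this condition shows that the buffers are NUL-terminated. Please add a comment at the check saying where termination is guaranteed, or verify it here. It is also worth confirming that regfree(&re) is reached on every path after a successful regcomp(), since the cleanup is outside the lines shown.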
-- 
1.7.3.4


