commit dhcpv6 for openSUSE:Factory
Hello community, here is the log from the commit of package dhcpv6 for openSUSE:Factory checked in at Wed Aug 31 10:49:23 CEST 2011. --- dhcpv6/dhcpv6.changes 2011-04-05 20:56:16.0 +0200 +++ /mounts/work_src_done/STABLE/dhcpv6/dhcpv6.changes 2011-08-29 21:49:52.0 +0200 @@ -1,0 +2,5 @@ +Mon Aug 29 19:48:18 UTC 2011 - m...@suse.com + +- Cleaned up (lock/subsys) in dhcp6s and dhcp6r scripts (bnc#714617) + +--- calling whatdependson for head-i586 Other differences: -- ++ dhcpv6.spec ++ --- /var/tmp/diff_new_pack.QjDP0C/_old 2011-08-31 10:48:08.0 +0200 +++ /var/tmp/diff_new_pack.QjDP0C/_new 2011-08-31 10:48:08.0 +0200 @@ -26,7 +26,7 @@ Group: Productivity/Networking/System Summary:DHCP Client and Server for IPv6 Version:1.0.22 -Release:16 +Release:18 Source0:%{name}-%{version}.tar.bz2 Patch1: %{name}-%{version}-destdir.patch Patch2: %{name}-%{version}-cmd.patch @@ -90,6 +90,10 @@ make clean make %{?_smp_mflags} +%check +bash -n etc/init.d/dhcp6s.sh +bash -n etc/init.d/dhcp6r.sh + %install mkdir -p $RPM_BUILD_ROOT/usr/sbin mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man{8,5} @@ -114,6 +118,8 @@ %{stop_on_removal dhcp6s} %postun +%{restart_on_update dhcp6r} +%{restart_on_update dhcp6s} %{insserv_cleanup dhcp6r} %{insserv_cleanup dhcp6s} ++ dhcpv6-1.0.22-destdir.patch ++ --- /var/tmp/diff_new_pack.QjDP0C/_old 2011-08-31 10:48:08.0 +0200 +++ /var/tmp/diff_new_pack.QjDP0C/_new 2011-08-31 10:48:08.0 +0200 @@ -1,7 +1,5 @@ -Index: dhcpv6-1.0.20/etc/init.d/dhcp6r.sh -=== dhcpv6-1.0.20.orig/etc/init.d/dhcp6r.sh -+++ dhcpv6-1.0.20/etc/init.d/dhcp6r.sh +--- dhcpv6-1.0.22/etc/init.d/dhcp6r.sh dhcpv6-1.0.22/etc/init.d/dhcp6r.sh 2011/08/29 19:38:58 @@ -2,11 +2,10 @@ # ### BEGIN INIT INFO @@ -18,7 +16,7 @@ # Short-Description: Start and stop the DHCPv6 relay agent # Description: dhcp6r acts as a DHCPv6 relay agent forwarding DHCPv6 messages # from clients to servers and vice versa. -@@ -18,9 +17,11 @@ +@@ -18,45 +17,36 @@ # description: dhcp6r acts as a DHCPv6 relay agent forwarding DHCPv6 messages \ # from clients to servers and vice versa. # processname: dhcp6r @@ -32,15 +30,16 @@ RETVAL=0 -@@ -28,34 +29,25 @@ prog=dhcp6r ++conf=/etc/sysconfig/network/dhcp6r + prog=dhcp6r dhcp6r=/usr/sbin/dhcp6r - lockfile=/var/lock/subsys/dhcp6r - +-lockfile=/var/lock/subsys/dhcp6r +- -# Check that networking is up. -# networking is not up, return 1 for generic error -. /etc/sysconfig/network -[ $NETWORKING = "no" ] && exit 1 -- + start() { # return 5 if program is not installed -[ -x $dhcp6r ] || exit 5 @@ -52,27 +51,30 @@ +[ -f /etc/sysconfig/network/dhcp6r ] || return 6 +. /etc/sysconfig/network/dhcp6r - echo -n $"Starting $prog: " +-echo -n $"Starting $prog: " -daemon $dhcp6r $DHCP6RARGS ++echo -n $"Starting $prog " +startproc $dhcp6r $DHCP6RARGS RETVAL=$? -echo - [ $RETVAL -eq 0 ] && touch $lockfile +-[ $RETVAL -eq 0 ] && touch $lockfile return $RETVAL } stop() { - echo -n $"Shutting down $prog: " +-echo -n $"Shutting down $prog: " -killproc $prog -TERM ++echo -n $"Shutting down $prog " +killproc $dhcp6r RETVAL=$? -echo -[ $RETVAL -eq 0 ] && success || failure -echo - rm -f $lockfile +-rm -f $lockfile return $RETVAL } -@@ -64,33 +56,36 @@ stop() { + +@@ -64,33 +54,49 @@ stop() { case "$1" in start) start @@ -84,45 +86,63 @@ -RETVAL=$? +rc_status -v ;; - restart|force-reload) - [ -f $lockfile ] && stop +-restart|force-reload) +-[ -f $lockfile ] && stop ++restart) ++stop start -RETVAL=$? -+rc_status -v - ;; - try-restart|reload) +-;; +-try-restart|reload) -RETVAL=3 -+ rc_failed 3 -+ rc_status -v ++rc_status ;; - condrestart) - if [ -f $lockfile ]; then - stop && start -+rc_status -v -+else -+rc_status -s +-condrestart) +-if [ -f $lockfile ]; then +-stop && start ++try-restart|condrestart) ++if test "$1" = "condrestart"; then ++echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" fi ++$0 status ++if test $? = 0; then ++$0 restart ++else ++rc_reset ++fi ++rc_status ++;; ++reload) ++echo -n "Reload service $prog " ++rc_failed 3 ++rc_s
commit dhcpv6 for openSUSE:Factory
Hello community, here is the log from the commit of package dhcpv6 for openSUSE:Factory checked in at Wed Apr 6 11:48:05 CEST 2011. --- dhcpv6/dhcpv6.changes 2010-04-29 09:36:03.0 +0200 +++ /mounts/work_src_done/STABLE/dhcpv6/dhcpv6.changes 2011-04-05 20:56:16.0 +0200 @@ -1,0 +2,6 @@ +Wed Mar 30 10:16:31 UTC 2011 - m...@suse.de + +- Discard domain names with suspect characters or beeing too long + (bnc#675052,CVE-2011-0997). + +--- calling whatdependson for head-i586 New: dhcpv6-1.0.22-option-check.diff Other differences: -- ++ dhcpv6.spec ++ --- /var/tmp/diff_new_pack.dsyoqm/_old 2011-04-06 11:44:54.0 +0200 +++ /var/tmp/diff_new_pack.dsyoqm/_new 2011-04-06 11:44:54.0 +0200 @@ -1,7 +1,7 @@ # -# spec file for package dhcpv6 (Version 1.0.22) +# spec file for package dhcpv6 # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,7 +26,7 @@ Group: Productivity/Networking/System Summary:DHCP Client and Server for IPv6 Version:1.0.22 -Release:6 +Release:16 Source0:%{name}-%{version}.tar.bz2 Patch1: %{name}-%{version}-destdir.patch Patch2: %{name}-%{version}-cmd.patch @@ -38,6 +38,7 @@ Patch8: dhcpv6-1.0.22-invalid-request-address-message.diff Patch9: dhcpv6-1.0.22-remove-released-leases.bnc524687.diff Patch10:dhcpv6-1.0.22-dhcp5r-pid-directory.diff +Patch11:dhcpv6-1.0.22-option-check.diff Provides: dhcp6 = 1.0.11 Obsoletes: dhcp6 < 1.0.11 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -69,6 +70,7 @@ %patch8 -p0 %patch9 -p0 %patch10 -p0 +%patch11 -p0 %build touch NEWS ++ dhcpv6-1.0.22-option-check.diff ++ --- src/common.c +++ src/common.c2011/03/11 08:30:35 @@ -49,6 +49,8 @@ #include #include #include +#include +#include #ifdef TIME_WITH_SYS_TIME # include @@ -980,6 +982,40 @@ ssize_t gethwid(buf, len, ifname, hwtype #endif } +static int check_domain_name(const char *ptr, size_t len, int dots) +{ + const char *p; + + /* not empty or complete length not over 255 characters */ + if (len == 0 || len >= 256) + return -1; + + /* consists of [[:alnum:]-]+ labels separated by [.] */ + /* a [_] is against RFC but seems to be "widely used"... */ + for (p=ptr; *p && len-- > 0; p++) { + if ( *p == '-' || *p == '_') { + /* not allowed at begin or end of a label */ + if ((p - ptr) == 0 || len == 0 || p[1] == '.') + return -1; + } else + if ( *p == '.') { + /* each label has to be 1-63 characters; + we allow [.] at the end ('foo.bar.') */ + ptrdiff_t d = p - ptr; + if( d <= 0 || d >= 64) + return -1; + ptr = p + 1; /* jump to the next label*/ + if(dots > 0 && len > 0) + dots--; + } else + if ( !isalnum((unsigned char)*p)) { + /* also numbers at the begin are fine */ + return -1; + } + } + return dots ? -1 : 0; +} + void dhcp6_init_options(struct dhcp6_optinfo *optinfo) { memset(optinfo, 0, sizeof(*optinfo)); /* for safety */ @@ -1289,6 +1325,16 @@ int dhcp6_get_options(struct dhcp6opt *p goto malformed; else { val += n; +if (dhcp6_mode == DHCP6_MODE_CLIENT) { +if(check_domain_name(dname->name, + strlen(dname->name), 0)) { +dhcpv6_dprintf(LOG_ERR, "suspect characters " + "in domain name - discarded"); +free(dname); +dname = NULL; +continue; +} +} dhcpv6_dprintf(LOG_DEBUG, "expand domain name %s, size %d", dname->name, Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensus