From 81992ef63fb540abee259c003a45bf38ea72caf2 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Oct 06 2021 16:54:25 +0000 Subject: import dhcp-4.3.6-45.el8 --- diff --git a/README.debrand b/README.debrand deleted file mode 100644 index 01c46d2..0000000 --- a/README.debrand +++ /dev/null @@ -1,2 +0,0 @@ -Warning: This package was configured for automatic debranding, but the changes -failed to apply. diff --git a/SOURCES/dhcp-statement_parser.patch b/SOURCES/dhcp-statement_parser.patch new file mode 100644 index 0000000..2bb474b --- /dev/null +++ b/SOURCES/dhcp-statement_parser.patch @@ -0,0 +1,21 @@ +diff --git a/common/parse.c b/common/parse.c +index e78223c2..656b378b 100644 +--- a/common/parse.c ++++ b/common/parse.c +@@ -5790,13 +5790,14 @@ int parse_X (cfile, buf, max) + skip_to_semi (cfile); + return 0; + } +- convert_num (cfile, &buf [len], val, 16, 8); +- if (len++ > max) { ++ if (len >= max) { + parse_warn (cfile, + "hexadecimal constant too long."); + skip_to_semi (cfile); + return 0; + } ++ convert_num (cfile, &buf [len], val, 16, 8); ++ len++; + token = peek_token (&val, (unsigned *)0, cfile); + if (token == COLON) + token = next_token (&val, diff --git a/SPECS/dhcp.spec b/SPECS/dhcp.spec index b899915..bd0fcb2 100644 --- a/SPECS/dhcp.spec +++ b/SPECS/dhcp.spec @@ -16,7 +16,7 @@ Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.3.6 -Release: 44%{?dist} +Release: 45%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -83,6 +83,7 @@ Patch47: dhcp-isc_heap_delete.patch Patch48: dhcp-bind-9.11.patch Patch49: dhcp-detect-system-time-jumps.patch Patch50: dhcp-key_algorithm.patch +Patch51: dhcp-statement_parser.patch BuildRequires: autoconf BuildRequires: automake @@ -361,6 +362,9 @@ rm bind/bind.tar.gz # https://github.com/isc-projects/dhcp/commit/e6ffc27f24321017a5ad9af3707f4e2e54bbac74 %patch50 -p1 -b .key-alg +# https://bugzilla.redhat.com/show_bug.cgi?id=1963807 +%patch51 -p1 + # Update paths in all man pages for page in client/dhclient.conf.5 client/dhclient.leases.5 \ client/dhclient-script.8 client/dhclient.8 ; do @@ -694,8 +698,8 @@ done %endif %changelog -* Tue Mar 30 2021 CentOS Sources - 4.3.6-44.el8.centos -- Apply debranding changes +* Thu May 27 2021 Pavel Zhukov - 12:4.3.6-45 +- Fix for CVE-2021-25217 * Fri Dec 11 2020 Pavel Zhukov - 12:4.3.6-44 - Rebuild with new bind (#1904613)