diff --git a/README.debrand b/README.debrand deleted file mode 100644 index 01c46d2..0000000 --- a/README.debrand +++ /dev/null @@ -1,2 +0,0 @@ -Warning: This package was configured for automatic debranding, but the changes -failed to apply. diff --git a/SOURCES/dhcp-CVE-2022-2928.patch b/SOURCES/dhcp-CVE-2022-2928.patch new file mode 100644 index 0000000..485b1d8 --- /dev/null +++ b/SOURCES/dhcp-CVE-2022-2928.patch @@ -0,0 +1,32 @@ +diff --git a/common/options.c b/common/options.c +index ed8ac38..addc65a 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -4397,6 +4397,8 @@ add_option(struct option_state *options, + if (!option_cache_allocate(&oc, MDL)) { + log_error("No memory for option cache adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + return 0; + } + +@@ -4408,6 +4410,8 @@ add_option(struct option_state *options, + MDL)) { + log_error("No memory for constant data adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + option_cache_dereference(&oc, MDL); + return 0; + } +@@ -4416,6 +4420,9 @@ add_option(struct option_state *options, + save_option(&dhcp_universe, options, oc); + option_cache_dereference(&oc, MDL); + ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); ++ + return 1; + } + diff --git a/SOURCES/dhcp-CVE-2022-2929.patch b/SOURCES/dhcp-CVE-2022-2929.patch new file mode 100644 index 0000000..d719bf6 --- /dev/null +++ b/SOURCES/dhcp-CVE-2022-2929.patch @@ -0,0 +1,25 @@ +diff --git a/common/options.c b/common/options.c +index addc65a..3e6383a 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -435,16 +435,16 @@ int fqdn_universe_decode (struct option_state *options, + while (s < &bp -> data[0] + length + 2) { + len = *s; + if (len > 63) { +- log_info ("fancy bits in fqdn option"); +- return 0; ++ log_info ("label length exceeds 63 in fqdn option"); ++ goto bad; + } + if (len == 0) { + terminated = 1; + break; + } + if (s + len > &bp -> data [0] + length + 3) { +- log_info ("fqdn tag longer than buffer"); +- return 0; ++ log_info ("fqdn label longer than buffer"); ++ goto bad; + } + + if (first_len == 0) { diff --git a/SPECS/dhcp.spec b/SPECS/dhcp.spec index 74bd3fc..2c1428d 100644 --- a/SPECS/dhcp.spec +++ b/SPECS/dhcp.spec @@ -16,7 +16,7 @@ Summary: Dynamic host configuration protocol software Name: dhcp Version: 4.3.6 -Release: 48%{?dist}.1 +Release: 49%{?dist} # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # dcantrell maintaining the package) made incorrect use of the epoch and # that's why it is at 12 now. It should have never been used, but it was. @@ -85,7 +85,9 @@ Patch49: dhcp-detect-system-time-jumps.patch Patch50: dhcp-key_algorithm.patch Patch51: dhcp-statement_parser.patch Patch52: dhcp-omshell-hmac-sha512-support.patch -Patch53: dhcp-dhcp6-vendor-opts.patch +Patch53: dhcp-CVE-2022-2928.patch +Patch54: dhcp-CVE-2022-2929.patch +Patch55: dhcp-dhcp6-vendor-opts.patch BuildRequires: autoconf BuildRequires: automake @@ -370,9 +372,15 @@ rm bind/bind.tar.gz # https://bugzilla.redhat.com/show_bug.cgi?id=2016248 %patch52 -p1 -# https://bugzilla.redhat.com/show_bug.cgi?id=2142025 +# https://bugzilla.redhat.com/show_bug.cgi?id=2132248 %patch53 -p1 +# https://bugzilla.redhat.com/show_bug.cgi?id=2132245 +%patch54 -p1 + +# https://bugzilla.redhat.com/show_bug.cgi?id=2142024 +%patch55 -p1 + # Update paths in all man pages for page in client/dhclient.conf.5 client/dhclient.leases.5 \ client/dhclient-script.8 client/dhclient.8 ; do @@ -706,11 +714,10 @@ done %endif %changelog -* Thu Jan 12 2023 CentOS Sources - 4.3.6-48.el8.centos.1 -- Apply debranding changes - -* Sun Nov 20 2022 Martin Osvald - 12:4.3.6-48.1 -- send back dhcp6.vendor-opts again (#2142025) +* Tue Oct 11 2022 Martin Osvald - 12:4.3.6-49 +- Fix for CVE-2022-2928 +- Fix for CVE-2022-2929 +- send back dhcp6.vendor-opts again (#2142024) * Tue May 10 2022 Martin Osvald - 12:4.3.6-48 - omshell: add support for hmac-sha512 algorithm (#2016248)