Hello community, here is the log from the commit of package dhcp for openSUSE:Factory checked in at 2012-01-17 11:32:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dhcp (Old) and /work/SRC/openSUSE:Factory/.dhcp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "dhcp", Maintainer is "mt@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/dhcp/dhcp.changes 2011-12-12 16:58:52.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.dhcp.new/dhcp.changes 2012-01-17 16:05:01.000000000 +0100 @@ -1,0 +2,23 @@ +Fri Jan 13 15:26:43 UTC 2012 - mt@suse.com + +- Updated to ISC dhcp-4.2.3-P2 release, providing a DDNS security fix: + Modify the DDNS handling code. In a previous patch we added logging + code to the DDNS handling. This code included a bug that caused it + to attempt to dereference a NULL pointer and eventually segfault. + While reviewing the code as we addressed this problem, we determined + that some of the updates to the lease structures would not work as + planned since the structures being updated were in the process of + being freed: these updates were removed. In addition we removed an + incorrect call to the DDNS removal function that could cause a failure + during the removal of DDNS information from the DNS server. + Thanks to Jasper Jongmans for reporting this issue. + ([ISC-Bugs #27078], CVE: CVE-2011-4868, bnc#741239) +- Fixed close-on-exec patch to not set it on stderr (bnc#732910) +- Fixed incorrect "a" array type option parsing causing to discard + e.g. classless static routes from lease file [reported as ISC-Bug + 27289] and zero-length option parsing such as dhcp6.rapid-commit + in dhclient6 [reported as ISC-Bug 27314] (bnc#739696). +- Fixed dhclient to include its pid number in syslog messages. +- Fixed to use P2 in the spec version, not in the release tag. + +------------------------------------------------------------------- Old: ---- dhcp-4.2.3-P1.tar.bz2 New: ---- dhcp-4.2.3-P1-dhclient-log-pid.diff dhcp-4.2.3-P1-dhclient-option_param-a.diff dhcp-4.2.3-P1-dhclient-zero-length-options.patch dhcp-4.2.3-P2.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dhcp.spec ++++++ --- /var/tmp/diff_new_pack.RPgM63/_old 2012-01-17 16:05:02.000000000 +0100 +++ /var/tmp/diff_new_pack.RPgM63/_new 2012-01-17 16:05:02.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package dhcp # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ # norootforbuild -%define isc_version 4.2.3-P1 +%define isc_version 4.2.3-P2 %define susefw2dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define omc_prefix /usr/share/omc %define omc_svcdir %{omc_prefix}/svcinfo.d @@ -40,8 +40,8 @@ License: BSD-3-Clause Group: Productivity/Networking/Boot/Servers AutoReqProv: on -Version: 4.2.3 -Release: P1.0.<RELEASE0> +Version: 4.2.3.P2 +Release: 0.<RELEASE0> Summary: Common Files Used by ISC DHCP Software Url: http://www.isc.org/software/dhcp Source0: dhcp-%{isc_version}.tar.bz2 @@ -88,6 +88,9 @@ Patch45: dhcp-4.2.2-dhclient-option-checks.bnc675052.diff Patch46: dhcp-4.2.2-close-on-exec.diff Patch47: dhcp-4.2.2-quiet-dhclient.bnc711420.diff +Patch48: dhcp-4.2.3-P1-dhclient-option_param-a.diff +Patch49: dhcp-4.2.3-P1-dhclient-log-pid.diff +Patch50: dhcp-4.2.3-P1-dhclient-zero-length-options.patch ## PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -216,6 +219,9 @@ %patch45 -p1 %patch46 -p1 %patch47 -p1 +%patch48 -p1 +%patch49 -p1 +%patch50 -p1 ## find . -type f -name \*.cat\* -exec rm -f {} \; dos2unix contrib/ms2isc/* ++++++ dhcp-4.2.2-close-on-exec.diff ++++++ --- /var/tmp/diff_new_pack.RPgM63/_old 2012-01-17 16:05:02.000000000 +0100 +++ /var/tmp/diff_new_pack.RPgM63/_new 2012-01-17 16:05:02.000000000 +0100 @@ -24,21 +24,6 @@ index 82c26bb..a1cab01 100644 --- a/client/dhclient.c +++ b/client/dhclient.c -@@ -131,11 +131,11 @@ main(int argc, char **argv) { - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and - 2 (stderr) are open. To do this, we assume that when we - open a file the lowest available file descriptor is used. */ -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 0) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 1) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 2) - log_perror = 0; /* No sense logging to /dev/null. */ - else if (fd != -1) @@ -423,7 +423,7 @@ main(int argc, char **argv) { int e; @@ -84,19 +69,6 @@ if (leaseFile == NULL) { log_error ("can't create %s: %m", path_dhclient_db); return 0; -@@ -3472,9 +3472,9 @@ void go_daemon () - close(2); - - /* Reopen them on /dev/null. */ -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); - - write_client_pid_file (); - diff --git a/common/bpf.c b/common/bpf.c index 8bd5727..7b8f1d4 100644 --- a/common/bpf.c @@ -276,21 +248,6 @@ index f21f16f..d2aa90e 100644 --- a/relay/dhcrelay.c +++ b/relay/dhcrelay.c -@@ -183,11 +183,11 @@ main(int argc, char **argv) { - /* Make sure that file descriptors 0(stdin), 1,(stdout), and - 2(stderr) are open. To do this, we assume that when we - open a file the lowest available file descriptor is used. */ -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 0) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 1) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 2) - log_perror = 0; /* No sense logging to /dev/null. */ - else if (fd != -1) @@ -540,13 +540,14 @@ main(int argc, char **argv) { if (no_pid_file == ISC_FALSE) { @@ -356,21 +313,6 @@ index 27e04e4..9233d26 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c -@@ -274,11 +274,11 @@ main(int argc, char **argv) { - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and - 2 (stderr) are open. To do this, we assume that when we - open a file the lowest available file descriptor is used. */ -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 0) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 1) -- fd = open("/dev/null", O_RDWR); -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); - if (fd == 2) - log_perror = 0; /* No sense logging to /dev/null. */ - else if (fd != -1) @@ -809,7 +809,7 @@ main(int argc, char **argv) { */ if (no_pid_file == ISC_FALSE) { @@ -389,19 +331,6 @@ if (i >= 0) { sprintf(pbuf, "%d\n", (int) getpid()); IGNORE_RET (write(i, pbuf, strlen(pbuf))); -@@ -856,9 +856,9 @@ main(int argc, char **argv) { - close(2); - - /* Reopen them on /dev/null. */ -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -- open("/dev/null", O_RDWR); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); -+ open("/dev/null", O_RDWR | O_CLOEXEC); - log_perror = 0; /* No sense logging to /dev/null. */ - - IGNORE_RET (chdir("/")); diff --git a/server/ldap.c b/server/ldap.c index 68acbbb..77efe26 100644 --- a/server/ldap.c ++++++ dhcp-4.2.3-P1-dhclient-log-pid.diff ++++++
From 1f30e4707e13cb09315cbda2cf36bae099285a79 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski
Date: Thu, 5 Jan 2012 16:25:18 +0100 Subject: [PATCH] Use pid number in dhclient log messages
Troubleshooting help to make it visible which client is reporting
as there may be more than one running (v4 + v6 multiple interfaces).
Signed-off-by: Marius Tomaschewski
From 3e3874a4e322536a683d2c22602c6c1a3f39df8e Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski
Date: Thu, 5 Jan 2012 16:20:42 +0100 Subject: [PATCH] dhclient: parse_option_param: Bad format a
When the server provides options using the "a" array type, such as:
option rfc3442-classless-routes code 121 = array of unsigned integer 8;
the option is stored into the lease file, but when the client reads the
lease file next time, it complains about, because "a" array type aren't
recognized in the parsing loop and the option (lease?) discarded.
Signed-off-by: Marius Tomaschewski
From 70330e5cb91616dd235b63e54b9fe0dc15f3d61b Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski
Date: Thu, 5 Jan 2012 16:28:50 +0100 Subject: [PATCH] zero-length option lease parse error in dhclient6
common/parse.c:
Use peek_token only or the next_token call behind the while loop
will cause two warnings / errors in the log:
lease line XX: semicolon expected.
lease line XX: Unexpected end of file.
[there is a } behind the semicolon as the next token in my case]
and the option (lease?) gets discarded.
To reproduce, use "send dhcp6.rapid-commit;" to /etc/dhclient6.conf,
remove the lease file and start the client. When the lease is bound,
kill the client and start it again.
client/dhclient.c:
More of cosmetic nature - do not print zero-length options like there
would be a value missed, e.g. " option dhcp6.rapid-commit ;".
Signed-off-by: Marius Tomaschewski
participants (1)
-
root@hilbert.suse.de