Hello community, here is the log from the commit of package dhcp for openSUSE:Factory checked in at Thu Aug 6 21:34:45 CEST 2009. -------- --- dhcp/dhcp.changes 2009-01-19 16:15:47.000000000 +0100 +++ dhcp/dhcp.changes 2009-07-29 15:26:29.000000000 +0200 @@ -1,0 +2,48 @@ +Wed Jul 29 14:05:41 CEST 2009 - mt@suse.de + +- Applied fix for a dhcp client id DoS (CVE-2009-1892, bnc#519413). + +------------------------------------------------------------------- +Wed Jul 29 12:47:46 CEST 2009 - mt@suse.de + +- Updated to dhcp-3.1.2p1 maintenance release fixing following + issues: + * A stack overflow vulnerability was fixed in dhclient that could + allow remote attackers to execute arbitrary commands as root on + the system, or simply terminate the client, by providing an + over-long subnet-mask option. + * A double-dereference in dhclient transmission of DHCPDECLINEs + was repaired. + * Fix handling of -A and -a flags in dhcrelay; it was failing + to expand packet size as needed to add relay agent options. + * Corrected list of failover state values in dhcpd man page. + * Fixed a bug that caused some request types to be logged + incorrectly. + * Fixed a coredump when adding a class via OMAPI. + * Clients that sent a parameter request list containing the + routers option before the subnet mask option were receiving + only the latter. Fixed. + * The server wasn't always sending the FQDN option when it should. + * A partner-down failover server no longer emits 'peer holds all + free leases' if it is able to newly-allocate one of the peer's + leases. + * A cosmetic bug in DHCPDECLINE processing was fixed which caused + all successful DHCPDECLINEs to be logged as "not found" rather + than "abandoned". + * Some failover debugging #defines have been better defined and + some high frequency messages moved to a deeper debugging symbol. + * The CLTT parameter in failover is now only updated by client + activity, and not by failover binding updates. + * Failover BNDUPD messages are now discarded if they conflict with + an update that has been trasnmitted, but not acknowledged. + * A bug cleaning up unknown-xxx temporary option definitions was + fixed. +- Removed obsolete dhclient-no-dereference-twice patch +- Improved dhclient-script to apply global dhcp settings, when + there is no interface config (bnc#480922). +- Enabled casa support in dhcp-ldap for >= sles 10 and => 11.1. +- Updated dhcp-3.1.2p1-ldap-patch-mt.11.2-02 merging all patches + flying around -- see http://www.suse.de/~mt/git/dhcp-ldap.git + and the git changelog at the begin of the patch. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- dhcp-3.0.5-ldap-patch_3.1.1.bz2 dhcp-3.0.5-ldap-patch_host_brace.dif dhcp-3.0.5-ldap-patch_object-order.dif dhcp-3.0.5-ldap-patch_server_dn.dif dhcp-3.0.6-ldap-patch_external-dn.diff dhcp-3.0.6-ldap-patch_hwaddr-icase.dif dhcp-3.1.1-dhclient-no-dereference-twice.dif dhcp-3.1.1-dhclient-script.dif dhcp-3.1.1-ldap-patch_failover-obj.dif dhcp-3.1.1-ldap-patch_service-assoc-msg.dif dhcp-3.1.1.tar.gz dhcp-3.1.1.tar.gz.asc New: ---- dhcp-3.1.1-CVE-2009-1892.bnc519413.dif dhcp-3.1.2-dhclient-script.dif dhcp-3.1.2p1-ldap-patch-mt.11.2-02.diff.bz2 dhcp-3.1.2p1.tar.gz dhcp-3.1.2p1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dhcp.spec ++++++ --- /var/tmp/diff_new_pack.s6FcSt/_old 2009-08-06 21:29:24.000000000 +0200 +++ /var/tmp/diff_new_pack.s6FcSt/_new 2009-08-06 21:29:24.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package dhcp (Version 3.1.1) +# spec file for package dhcp (Version 3.1.2p1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -22,16 +22,16 @@ %define susefw2dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define omc_prefix /usr/share/omc %define omc_svcdir %{omc_prefix}/svcinfo.d -%define with_casa 0 -%if %{?with_casa:%with_casa} +%define with_casa 0%{?sles_version} >= 10 || 0%{?suse_version} >= 1110 +%if 0%{?with_casa:%with_casa} BuildRequires: CASA-devel %endif BuildRequires: dos2unix openldap2-devel -License: BSD 3-Clause +License: BSD 3-clause (or similar) Group: Productivity/Networking/Boot/Servers AutoReqProv: on -Version: 3.1.1 -Release: 9 +Version: 3.1.2p1 +Release: 1 Summary: Common Files Used by ISC DHCP Software Url: http://www.isc.org/isc/dhcp.html Source0: http://ftp.isc.org/isc/dhcp/dhcp-%{version}.tar.gz @@ -67,14 +67,7 @@ ## patch lives here: http://home.ntelos.net/~masneyb/ %define DHCPD_LDAP 1 %if %DHCPD_LDAP -Patch10: dhcp-3.0.5-ldap-patch_3.1.1.bz2 -Patch11: dhcp-3.0.5-ldap-patch_object-order.dif -Patch12: dhcp-3.0.5-ldap-patch_server_dn.dif -Patch13: dhcp-3.0.5-ldap-patch_host_brace.dif -Patch14: dhcp-3.0.6-ldap-patch_hwaddr-icase.dif -Patch15: dhcp-3.0.6-ldap-patch_external-dn.diff -Patch16: dhcp-3.1.1-ldap-patch_failover-obj.dif -Patch17: dhcp-3.1.1-ldap-patch_service-assoc-msg.dif +Patch10: dhcp-3.1.2p1-ldap-patch-mt.11.2-02.diff.bz2 %endif %if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 Patch30: dhcp-3.1.1-pie.dif @@ -82,17 +75,17 @@ Patch40: dhcp-3.1.1-dhclient-exec-filedes.dif Patch41: dhcp-3.1.1-dhclient-send-hostname-rml.dif Patch42: dhcp-3.1.1-dhclient-use-script-cmdline.dif -Patch43: dhcp-3.1.1-dhclient-no-dereference-twice.dif Patch50: dhcp-3.1.1-dhclient-conf.dif -Patch60: dhcp-3.1.1-dhclient-script.dif +Patch60: dhcp-3.1.2-dhclient-script.dif ## +Patch70: dhcp-3.1.1-CVE-2009-1892.bnc519413.dif Obsoletes: dhcp-base Provides: dhcp-base:/usr/bin/omshell PreReq: /bin/touch /sbin/chkconfig sysconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build %package server -License: BSD 3-Clause +License: BSD 3-clause (or similar) Summary: ISC DHCP Server Group: Productivity/Networking/Boot/Servers Requires: net-tools dhcp @@ -101,7 +94,7 @@ AutoReqProv: on %package client -License: BSD 3-Clause +License: BSD 3-clause (or similar) Summary: ISC DHCP Client Group: Productivity/Networking/Boot/Clients Requires: net-tools dhcp /usr/bin/host @@ -111,7 +104,7 @@ AutoReqProv: on %package relay -License: BSD 3-Clause +License: BSD 3-clause (or similar) Summary: DHCP Relay Agent Group: Productivity/Networking/Boot/Servers Requires: net-tools dhcp @@ -121,7 +114,7 @@ AutoReqProv: on %package devel -License: BSD 3-Clause +License: BSD 3-clause (or similar) Summary: Header Files and Libraries for dhcpctl API Group: Development/Libraries/C and C++ Requires: dhcp = %{version} @@ -201,13 +194,6 @@ %patch4 -p0 %if %DHCPD_LDAP %patch10 -p1 -%patch11 -p0 -%patch12 -p0 -%patch13 -p0 -%patch14 -p0 -%patch15 -p0 -%patch16 -p0 -%patch17 -p0 %endif %if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 %patch30 -p0 @@ -215,9 +201,9 @@ %patch40 -p0 %patch41 -p0 %patch42 -p0 -%patch43 -p0 %patch50 -p0 %patch60 -p0 +%patch70 -p0 ## find . -type f -name \*.cat\* -exec rm -f {} \; cp -p %{S:2} %{S:3} %{S:11} %{S:12} %{S:14} %{S:32} %{S:33} . @@ -232,8 +218,8 @@ %build export CFLAGS -CFLAGS="$RPM_OPT_FLAGS -W -Wall -fno-strict-aliasing -Wno-unused -DEXTENDED_NEW_OPTION_INFO -DLDAP_DEPRECATED -DUSE_SSL -DPARANOIA" -%if %{?with_casa:%with_casa} +CFLAGS="$RPM_OPT_FLAGS -W -Wall -fno-strict-aliasing -Wno-unused -DLDAP_DEPRECATED -DUSE_SSL -DPARANOIA" +%if 0%{?with_casa:%with_casa} CFLAGS="$CFLAGS -DLDAP_CASA_AUTH" %endif # seems obsolete (redefined reports) => double check ++++++ dhcp-3.1.1-CVE-2009-1892.bnc519413.dif ++++++ --- server/dhcp.c +++ server/dhcp.c 2009/07/09 16:05:43 @@ -1747,6 +1747,8 @@ void ack_lease (packet, lease, offer, wh host_reference (&host, h, MDL); } if (!host) { + if (hp) + host_dereference (&hp, MDL); find_hosts_by_haddr (&hp, packet -> raw -> htype, packet -> raw -> chaddr, ++++++ dhcp-3.1.1-dhclient-script.dif -> dhcp-3.1.2-dhclient-script.dif ++++++ --- dhcp/dhcp-3.1.1-dhclient-script.dif 2009-01-19 16:15:47.000000000 +0100 +++ dhcp/dhcp-3.1.2-dhclient-script.dif 2009-07-29 12:53:15.000000000 +0200 @@ -1,5 +1,5 @@ --- client/dhclient-script.8 -+++ client/dhclient-script.8 2009/01/19 14:56:42 ++++ client/dhclient-script.8 2009/05/04 09:54:05 @@ -45,9 +45,10 @@ This script is not meant to be customized by the end user. If local customizations are needed, they should be possible using the enter and @@ -72,7 +72,7 @@ .B dhclient-script(8) has been written for Internet Systems Consortium --- client/scripts/linux -+++ client/scripts/linux 2009/01/19 14:56:58 ++++ client/scripts/linux 2009/05/04 10:01:50 @@ -22,25 +22,97 @@ # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious # of the $1 in its args. @@ -83,7 +83,7 @@ +# logs entire run of dhclient-script to /var/log/dhclient-script, +# if DHCLIENT_DEBUG is set in sysconfig/network/dhcp +# -+eval `grep "^DHCLIENT_DEBUG=" /etc/sysconfig/network/dhcp` ++eval `grep "^DHCLIENT_DEBUG=" /etc/sysconfig/network/dhcp 2>/dev/null` +if [ "$DHCLIENT_DEBUG" = yes ]; then + set -a # allexport + ( @@ -198,7 +198,7 @@ # Add route to make broadcast work. Do not omit netmask. route add default dev $interface netmask 0.0.0.0 else -@@ -116,39 +192,59 @@ +@@ -116,47 +192,117 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then @@ -241,14 +241,21 @@ - route add default gw $router - done + -+ if grep -qs '^primary=yes' /dev/shm/sysconfig/if-${interface} 2>/dev/null ; ++ if test -f /etc/sysconfig/network/ifcfg-${interface} -o \ ++ -f /dev/shm/sysconfig/if-${interface} ; + then -+ eval `grep --no-filename '^[[:space:]]*DHCLIENT_SET_DEFAULT_ROUTE=' \ -+ /etc/sysconfig/network/dhcp -+ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ if grep -qs '^primary=yes' /dev/shm/sysconfig/if-${interface} 2>/dev/null ; ++ then ++ eval `grep --no-filename '^[[:space:]]*DHCLIENT_SET_DEFAULT_ROUTE=' \ ++ /etc/sysconfig/network/dhcp ++ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ else ++ eval `grep --no-filename '^[[:space:]]*DHCLIENT_SET_DEFAULT_ROUTE=' \ ++ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ fi + else + eval `grep --no-filename '^[[:space:]]*DHCLIENT_SET_DEFAULT_ROUTE=' \ -+ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ /etc/sysconfig/network/dhcp 2>/dev/null` + fi + if [ "$DHCLIENT_SET_DEFAULT_ROUTE" = yes ] ; then + for router in $new_routers; do @@ -272,52 +279,61 @@ + done + fi fi ++ if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; then -@@ -156,7 +252,41 @@ + ifconfig $interface:0- inet 0 ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg route add -host $alias_ip_address $interface:0 fi - make_resolv_conf ++ + if use_netconfig ; then + netconfig_modify + else + make_resolv_conf + fi -+ if grep -qs '^primary=yes' /dev/shm/sysconfig/if-${interface} 2>/dev/null ; ++ ++ if test -f /etc/sysconfig/network/ifcfg-${interface} -o \ ++ -f /dev/shm/sysconfig/if-${interface} ; + then -+ eval `grep --no-filename "^[[:space:]]*DHCLIENT_SET_HOSTNAME=" \ -+ /etc/sysconfig/network/dhcp -+ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ if grep -qs '^primary=yes' /dev/shm/sysconfig/if-${interface} 2>/dev/null ; ++ then ++ eval `grep --no-filename "^[[:space:]]*DHCLIENT_SET_HOSTNAME=" \ ++ /etc/sysconfig/network/dhcp ++ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ else ++ eval `grep --no-filename "^[[:space:]]*DHCLIENT_SET_HOSTNAME=" \ ++ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ fi + else + eval `grep --no-filename "^[[:space:]]*DHCLIENT_SET_HOSTNAME=" \ -+ /etc/sysconfig/network/ifcfg-${interface} 2>/dev/null` ++ /etc/sysconfig/network/dhcp 2>/dev/null` + fi + if [ "$DHCLIENT_SET_HOSTNAME" = yes ] ; then -+ + current_hostname=`hostname` + if [ "x${current_hostname%%.*}" = x ] || \ + [ "x${current_hostname%%.*}" != "x${new_host_name%%.*}" ]; then + -+ if [ "x${new_host_name%%.*}" != x ]; then -+ hostname "${new_host_name%%.*}" -+ else -+ if [ -x /usr/bin/host ] ; then -+ if out=`host -W 2 "$new_ip_address" 2>/dev/null` ; then -+ _hostname="`echo "$out" | sed 's:^.* ::; s:\..*::'`" -+ if [ "x${_hostname}" != x ]; then -+ hostname "${_hostname}" -+ fi ++ if [ "x${new_host_name%%.*}" != x ]; then ++ hostname "${new_host_name%%.*}" ++ else ++ if [ -x /usr/bin/host ] ; then ++ if out=`host -W 2 "$new_ip_address" 2>/dev/null` ; then ++ _hostname="`echo "$out" | sed 's:^.* ::; s:\..*::'`" ++ if [ "x${_hostname}" != x ]; then ++ hostname "${_hostname}" + fi + fi + fi ++ fi + fi -+ + fi ++ exit_with_hooks 0 fi -@@ -168,7 +298,7 @@ +@@ -168,7 +314,7 @@ fi if [ x$old_ip_address != x ]; then # Shut down interface, which will delete routes and clear arp cache. @@ -326,7 +342,7 @@ fi if [ x$alias_ip_address != x ]; then ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg -@@ -182,27 +312,37 @@ +@@ -182,27 +328,37 @@ ifconfig $interface:0- inet 0 fi ifconfig $interface inet $new_ip_address $new_subnet_arg \ ++++++ dhcp-3.1.2p1-ldap-patch-mt.11.2-02.diff.bz2 ++++++ ++++ 6203 lines (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org