packages/dhcp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2021-25217

Browse Source
This commit is contained in:
renmingshuai 2021-05-31 19:41:27 +08:00
parent c88cb79cf3
commit 591f5aee71
2 changed files with 42 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CVE-2021-25217.patch Normal file
View File

@ -0,0 +1,33 @@
diff --git a/common/parse.c b/common/parse.c
index 3329657..8772540 100644
--- a/common/parse.c
+++ b/common/parse.c
@@ -3,7 +3,7 @@
Common parser code for dhcpd and dhclient. */
/*
- * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2021 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1995-2003 by Internet Software Consortium
*
* This Source Code Form is subject to the terms of the Mozilla Public
@@ -5613,13 +5613,14 @@ int parse_X (cfile, buf, max)
skip_to_semi (cfile);
return 0;
}
- convert_num (cfile, &buf [len], val, 16, 8);
- if (len++ > max) {
+ if (len >= max) {
parse_warn (cfile,
"hexadecimal constant too long.");
skip_to_semi (cfile);
return 0;
}
+ convert_num (cfile, &buf [len], val, 16, 8);
+ len++;
token = peek_token (&val, (unsigned *)0, cfile);
if (token == COLON)
token = next_token (&val,
--
1.8.3.1

11
dhcp.spec
View File

@ -3,7 +3,7 @@
Name: dhcp Name: dhcp
Version: 4.4.2 Version: 4.4.2
Release: 5 Release: 6
Summary: Dynamic host configuration protocol software Summary: Dynamic host configuration protocol software
#Please don't change the epoch on this package #Please don't change the epoch on this package
Epoch: 12 Epoch: 12
@ -43,7 +43,7 @@ Patch22: 0022-dhclient-make-sure-link-local-address-is-ready-in-st.patch
Patch23: 0023-option-97-pxe-client-id.patch Patch23: 0023-option-97-pxe-client-id.patch
Patch24: 0024-Detect-system-time-changes.patch Patch24: 0024-Detect-system-time-changes.patch
Patch26: 0026-Add-dhclient-5-B-option-description.patch Patch26: 0026-Add-dhclient-5-B-option-description.patch
Patch27: 0027-Add-missed-sd-notify-patch-to-manage-dhcpd-with-syst.patch Patch27: 0027-Add-missed-sd-notify-patch-to-manage-dhcpd-with-syst.patch
Patch28: bugfix-dhcp-4.2.5-check-dhclient-pid.patch Patch28: bugfix-dhcp-4.2.5-check-dhclient-pid.patch
Patch29: bugfix-reduce-getifaddr-calls.patch Patch29: bugfix-reduce-getifaddr-calls.patch
@ -53,6 +53,7 @@ Patch31: dhcpd-coredump-infiniband.patch
Patch32: bugfix-dhclient-check-if-pid-was-held.patch Patch32: bugfix-dhclient-check-if-pid-was-held.patch
Patch33: bugfix-dhcp-64-bit-lease-parse.patch Patch33: bugfix-dhcp-64-bit-lease-parse.patch
Patch34: dhcp-remove-bind.patch Patch34: dhcp-remove-bind.patch
Patch35: CVE-2021-25217.patch
BuildRequires: gcc autoconf automake libtool openldap-devel krb5-devel libcap-ng-devel bind-export-devel BuildRequires: gcc autoconf automake libtool openldap-devel krb5-devel libcap-ng-devel bind-export-devel
BuildRequires: systemd systemd-devel BuildRequires: systemd systemd-devel
@ -287,6 +288,12 @@ exit 0
%{_mandir}/man3/omapi.3.gz %{_mandir}/man3/omapi.3.gz
%changelog %changelog
* Mon May 31 2021 renmingshuai <renmingshuai@huawei.com> - 4.4.2-6
- Type:CVE
- ID:NA
- SUG:restart
- DESC:CVE-2021-25217
* Sat Feb 20 2021 hanzhijun <hanzhijun1@huawei.com> - 4.4.2-5 * Sat Feb 20 2021 hanzhijun <hanzhijun1@huawei.com> - 4.4.2-5
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA