rpms/dhcp/F-11 dhcp-4.1.0p1-CVE-2010-2156.patch, NONE, 1.1 dhcp.spec, 1.265, 1.266
Jiří Popelka
jpopelka at fedoraproject.org
Fri Jun 18 12:09:35 UTC 2010
Author: jpopelka
Update of /cvs/pkgs/rpms/dhcp/F-11
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv27201
Modified Files:
dhcp.spec
Added Files:
dhcp-4.1.0p1-CVE-2010-2156.patch
Log Message:
* Fri Jun 18 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.0p1-6
- Fix for CVE-2010-2156
dhcp-4.1.0p1-CVE-2010-2156.patch:
hash.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
--- NEW FILE dhcp-4.1.0p1-CVE-2010-2156.patch ---
diff -up dhcp-4.1.0p1/omapip/hash.c.CVE-2010-2156 dhcp-4.1.0p1/omapip/hash.c
--- dhcp-4.1.0p1/omapip/hash.c.CVE-2010-2156 2007-11-07 20:42:18.000000000 +0100
+++ dhcp-4.1.0p1/omapip/hash.c 2010-06-18 14:02:22.000000000 +0200
@@ -49,8 +49,14 @@ find_length(const void *key,
if (do_hash == do_ip4_hash)
return 4;
- log_fatal("Impossible condition at %s:%d.", MDL);
- return 0; /* Silence compiler warnings. */
+ log_debug("Unexpected hash function at %s:%d.", MDL);
+ /*
+ * If we get a hash function we don't specifically expect
+ * return a length of 0, this covers the case where a client
+ * id has a length of 0.
+ */
+ return 0;
+
}
int new_hash_table (tp, count, file, line)
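Review bot: The new fallthrough at the end of find_length returns 0 for every do_hash value not matched by the checks above it, so a genuinely unexpected hash function is now indistinguishable from the zero-length client id case the comment describes, and is reported only through log_debug. Removing log_fatal from a path that client input can reach is the right direction, but consider handling the zero-length client id explicitly and logging the remaining "unexpected hash function" case at a level that is visible in normal operation. The callers of find_length are not visible in this hunk; each needs to tolerate a returned length of 0. Minor style points: the added blank line before the closing brace can be dropped, and the comment reads better as "If we get a hash function we don't specifically expect, return a length of 0; this covers ...".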
Index: dhcp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dhcp/F-11/dhcp.spec,v
retrieving revision 1.265
retrieving revision 1.266
diff -u -p -r1.265 -r1.266
--- dhcp.spec 13 Oct 2009 10:27:04 -0000 1.265
+++ dhcp.spec 18 Jun 2010 12:09:34 -0000 1.266
@@ -13,7 +13,7 @@
Summary: Dynamic host configuration protocol software
Name: dhcp
Version: %{basever}p1
-Release: 5%{?dist}
+Release: 6%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was.
@@ -52,6 +52,7 @@ Patch18: %{name}-4.1.0-missing-ipv6-not
Patch19: %{name}-4.1.0-IFNAMSIZ.patch
Patch20: %{name}-4.1.0-add_timeout_when_NULL.patch
Patch21: %{name}-4.1.0-CVE-2009-1892.patch
+Patch22: %{name}-4.1.0p1-CVE-2010-2156.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: autoconf
@@ -206,6 +207,10 @@ libdhcpctl and libomapi static libraries
# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892
%patch21 -p1
+# Fix for CVE-2010-2156
+# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156
+%patch22 -p1
+
# Copy in documentation and example scripts for LDAP patch to dhcpd
%{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/
@@ -460,6 +465,9 @@ fi
%attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
%changelog
+* Fri Jun 18 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.0p1-6
+- Fix for CVE-2010-2156
+
* Tue Oct 13 2009 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.0p1-5
- Fix 56dhclient so network comes back after suspend/hibernate (#527641)
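Review bot: The added changelog entry "- Fix for CVE-2010-2156" names the CVE but not what changed, unlike the entry below it, which describes the behaviour that was fixed. A short description would let someone reading the package changelog tell what the update addresses without opening the patch, for example that find_length in omapip/hash.c no longer calls log_fatal and returns 0 when a client id has a length of 0.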