Date: Sat, 28 Jul 2012 22:37:01 -0700 (PDT)
From: <douglas@douglasthrift.net>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: zi@FreeBSD.org, douglas@douglasthrift.net
Subject: ports/170245: Update port: net/isc-dhcp41-server Upgrade to 4.1-ESV-46
Message-ID: <201207290537.q6T5b1nL026517@slowhand.douglasthrift.net>
Resent-Message-ID: <201207290540.q6T5e1xl083292@freefall.freebsd.org>
>Number: 170245
>Category: ports
>Synopsis: Update port: net/isc-dhcp41-server Upgrade to 4.1-ESV-46
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sun Jul 29 05:40:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:
>Release: FreeBSD 8.0-RELEASE-p6 amd64
>Organization:
>Environment:
System: FreeBSD slowhand.douglasthrift.net 8.0-RELEASE-p6 FreeBSD 8.0-RELEASE-p6 #2: Wed Sep 28 21:40:42 PDT 2011 user@jail8.johncompanies.com:/usr/obj/usr/src/sys/jail8 amd64
>Description:
Upgraded net/isc-dhcp41-server to 4.1-ESV-R6.

https://redports.org/buildarchive/20120729045327-59756/
https://redports.org/buildarchive/20120729045226-47986/
https://redports.org/buildarchive/20120729035941-19277/

>From RELNOTES:

Changes since 4.1-ESV-R5

- Correct code to calculate timing values in client to compare
  rebind value to infinity instead of renew value.
  Thanks to Chenda Huang from H3C Technologies Co., Limited
  for reporting this issue.
  [ISC-Bugs #29062]

- Fix some issues in the code for parsing and printing options.
  [ISC-Bugs #22625] - properly print options that have several fields
  followed by an array of something for example "fIa"
  [ISC-Bugs #27289] - properly parse options in declarations that have
  several fields followed by an array of something for example "fIa"
  [ISC-Bugs #27296] - properly determine if we parsed a 16 or 32 bit
  value in evaluate_numeric_expression (extract-int).
  [ISC-Bugs #27314] - properly parse a zero length option from
  a lease file. Thanks to Marius Tomaschewski from SUSE for the report
  and prototype patch for this ticket as well as ticket 27289.

! Previously the server code was relaxed to allow packets with zero
  length client ids to be processed. Under some situations use of
  zero length client ids can cause the server to go into an infinite
  loop.
  As such ids are not valid according to RFC 2132 section 9.14
  the server no longer accepts them. Client ids with a length of 1
  are also invalid but the server still accepts them in order to
  minimize disruption. The restriction will likely be tightened in
  the future to disallow ids with a length of 1.
  Thanks to Markus Hietava of Codenomicon CROSS project for the
  finding this issue and CERT-FI for vulnerability coordination.
  [ISC-Bugs #29851]
  CVE: CVE-2012-3571

! A pair of memory leaks were found and fixed. Thanks to
  Glen Eustace of Massey University, New Zealand for finding
  this issue.
  [ISC-Bugs #30024]
  CVE: CVE-2012-3954

>How-To-Repeat:
>Fix:
--- isc-dhcp41-server.2012-07-29T053120Z.diff begins here --- diff -Nrux .svn -x work /usr/ports/net/isc-dhcp41-server/Makefile isc-dhcp41-server/Makefile --- /usr/ports/net/isc-dhcp41-server/Makefile 2012-06-17 23:03:31.000000000 -0700 +++ isc-dhcp41-server/Makefile 2012-07-28 18:45:45.000000000 -0700 @@ -21,10 +21,10 @@ LICENSE= ISCL -PATCHLEVEL= R5 -PORTREVISION_SERVER= 4 -PORTREVISION_CLIENT= 1 -PORTREVISION_RELAY= 4 +PATCHLEVEL= R6 +PORTREVISION_SERVER= 5 +PORTREVISION_CLIENT= 2 +PORTREVISION_RELAY= 5 SUBSYS?= server WRKSRC= ${WRKDIR}/${PORTNAME}-${DISTVERSION}-${PATCHLEVEL} diff -Nrux .svn -x work /usr/ports/net/isc-dhcp41-server/distinfo isc-dhcp41-server/distinfo --- /usr/ports/net/isc-dhcp41-server/distinfo 2012-06-17 23:03:31.000000000 -0700 +++ isc-dhcp41-server/distinfo 2012-07-28 18:46:00.000000000 -0700 
@@ -1,4 +1,4 @@ -SHA256 (dhcp-4.1-ESV-R5.tar.gz) = c028fd6f9c1fff38fd0ae21cc89a70912e0eb759ea1019fb25b145cf14527583 -SIZE (dhcp-4.1-ESV-R5.tar.gz) = 1120684 +SHA256 (dhcp-4.1-ESV-R6.tar.gz) = deb666a1ab02dd1375c0ebd237ce1fcb3e4d9e7be520d25ba25f1f40eb0ead9e +SIZE (dhcp-4.1-ESV-R6.tar.gz) = 1121186 SHA256 (ldap-for-dhcp-4.1.1-2.tar.gz) = 566b7be2ebefdc583d0bf0095c804ba69807b67e5cc29a2b64b1b39202b37d0d SIZE (ldap-for-dhcp-4.1.1-2.tar.gz) = 39004 --- isc-dhcp41-server.2012-07-29T053120Z.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
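
Review bot: `+PATCHLEVEL= R6` in the Makefile hunk, like the dhcp-4.1-ESV-R6.tar.gz name in distinfo, does not match the "4.1-ESV-46" given in the Subject and Synopsis, so the commit log should say 4.1-ESV-R6. It should also name CVE-2012-3571 and CVE-2012-3954, because nothing in the two changed files records that this is a security update. The patch touches only Makefile and distinfo, so a matching security/vuxml entry would have to be submitted separately for users of the R5 packages to learn that they are affected.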
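
Review bot: the new `SHA256`/`SIZE` pair for dhcp-4.1-ESV-R6.tar.gz in the distinfo hunk is the only integrity anchor for the tarball and reflects the submitter's own download, so before commit the distfile should be fetched independently and compared with the checksum or signature ISC publishes for the release. The redports builds linked in the description only show that the port builds against whatever was fetched and matched this distinfo. The ldap-for-dhcp-4.1.1-2.tar.gz lines are unchanged context, which is expected since that distfile was not updated.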
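
The client identifier rule quoted from RELNOTES above (zero length no longer accepted, length 1 still tolerated), as an added example that is not part of the original message and is not ISC's code: a walk over a DHCPv4 options field that classifies option 61 by its length. The function names, verdict labels and sample byte strings are constructed for illustration.

```python
# Added example (not ISC's code): classify DHCPv4 option 61 by length.
from enum import Enum

PAD, CLIENT_ID, END = 0, 61, 255  # RFC 2132 option codes

class Verdict(Enum):
    ABSENT = "no client identifier option"
    REJECT = "zero length: not accepted as of 4.1-ESV-R6"
    TOLERATED = "length 1: invalid per RFC 2132 9.14, still accepted"
    OK = "length >= 2"
    MALFORMED = "options field truncated"

def iter_options(options: bytes):
    """Yield (code, value) for each TLV option; ValueError on truncation."""
    i = 0
    while i < len(options):
        code = options[i]
        if code == PAD:          # single-byte option, no length field
            i += 1
            continue
        if code == END:
            return
        if i + 1 >= len(options):
            raise ValueError("length byte missing")
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("value runs past end of field")
        yield code, value
        i += 2 + length          # advances even when length is 0

def check_client_id(options: bytes) -> Verdict:
    """Apply the length rule from the release note to the first option 61."""
    try:
        for code, value in iter_options(options):
            if code == CLIENT_ID:
                if len(value) == 0:
                    return Verdict.REJECT
                return Verdict.TOLERATED if len(value) == 1 else Verdict.OK
    except ValueError:
        return Verdict.MALFORMED
    return Verdict.ABSENT

# Constructed option fields (assumed samples, not captured traffic).
SAMPLES = {
    "mac": bytes.fromhex("3501013d0701001122334455ff"),
    "empty": bytes.fromhex("3501013d00ff"),
    "one": bytes.fromhex("3d0101ff"),
}
```

Logging the `TOLERATED` case separately shows which clients would break if the length-1 restriction mentioned in the release note is later enforced.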