From 354608cb88042a7255aaf5c792b7638cb37a3979 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Tue, 11 Oct 2022 21:30:08 +0800 Subject: dhcp-relay: upgrade 4.4.3 -> 4.4.3-P1 Changes since 4.4.3 (Bug Fixes) Corrected a reference count leak that occurs when the server builds responses to leasequery packets. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #253] CVE: CVE-2022-2928 Corrected a memory leak that occurs when unpacking a packet that has an FQDN option (81) that contains a label with length greater than 63 bytes. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #254] CVE: CVE-2022-2929 Signed-off-by: Yi Zhao Signed-off-by: Khem Raj --- .../recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb | 62 ---------------------- .../dhcp/dhcp-relay_4.4.3p1.bb | 62 ++++++++++++++++++++++ 2 files changed, 62 insertions(+), 62 deletions(-) delete mode 100644 meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb create mode 100644 meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3p1.bb (limited to 'meta-networking/recipes-connectivity/dhcp') diff --git a/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb b/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb deleted file mode 100644 index 92c648708e..0000000000 --- a/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb +++ /dev/null @@ -1,62 +0,0 @@ -SECTION = "console/network" -SUMMARY = "Internet Software Consortium DHCP Relay Agent" -DESCRIPTION = "A DHCP relay agent passes DHCP requests from one \ -LAN to another, so that a DHCP server is not needed on every LAN." - -HOMEPAGE = "http://www.isc.org/" - -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=c463f4afde26d9eb60f14f50aeb85f8f" - -DEPENDS = "openssl libcap zlib" - -SRC_URI = "https://downloads.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ - file://default-relay \ - file://init-relay \ - file://dhcrelay.service \ - file://0001-Makefile.am-only-build-dhcrelay.patch \ - file://0002-bind-Makefile.in-disable-backtrace.patch \ - file://0003-bind-Makefile.in-regenerate-configure.patch \ - " - -SRC_URI[sha256sum] = "0e3ec6b4c2a05ec0148874bcd999a66d05518378d77421f607fb0bc9d0135818" - -UPSTREAM_CHECK_URI = "http://ftp.isc.org/isc/dhcp/" -UPSTREAM_CHECK_REGEX = "(?P\d+\.\d+\.(\d+?))/" - -S = "${WORKDIR}/dhcp-${PV}" - -inherit autotools-brokensep systemd pkgconfig - -SYSTEMD_SERVICE:${PN} = "dhcrelay.service" -SYSTEMD_AUTO_ENABLE:${PN} = "disable" - -CFLAGS += "-D_GNU_SOURCE -fcommon" -LDFLAGS:append = " -pthread" - -EXTRA_OECONF = "--enable-paranoia \ - --disable-static \ - --enable-libtool \ - --with-randomdev=/dev/random \ - " - -# Enable shared libs per dhcp README -do_configure:prepend () { - cp configure.ac+lt configure.ac -} - -do_install:append () { - install -Dm 0644 ${WORKDIR}/default-relay ${D}${sysconfdir}/default/dhcp-relay - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/dhcrelay.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/dhcrelay.service - sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcrelay.service - else - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init-relay ${D}${sysconfdir}/init.d/dhcp-relay - fi -} - -PARALLEL_MAKE = "" diff --git a/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3p1.bb b/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3p1.bb new file mode 100644 index 0000000000..2fd86bc28a --- /dev/null +++ b/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3p1.bb @@ -0,0 +1,62 @@ +SECTION = "console/network" +SUMMARY = "Internet Software Consortium DHCP Relay Agent" +DESCRIPTION = "A DHCP relay agent passes DHCP requests from one \ +LAN to another, so that a DHCP server is not needed on every LAN." + +HOMEPAGE = "http://www.isc.org/" + +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c463f4afde26d9eb60f14f50aeb85f8f" + +DEPENDS = "openssl libcap zlib" + +SRC_URI = "https://downloads.isc.org/isc/dhcp/4.4.3-P1/dhcp-4.4.3-P1.tar.gz \ + file://default-relay \ + file://init-relay \ + file://dhcrelay.service \ + file://0001-Makefile.am-only-build-dhcrelay.patch \ + file://0002-bind-Makefile.in-disable-backtrace.patch \ + file://0003-bind-Makefile.in-regenerate-configure.patch \ + " + +SRC_URI[sha256sum] = "0ac416bb55997ca8632174fd10737fd61cdb8dba2752160a335775bc21dc73c7" + +UPSTREAM_CHECK_URI = "http://ftp.isc.org/isc/dhcp/" +UPSTREAM_CHECK_REGEX = "(?P\d+\.\d+\.(\d+?))/" + +S = "${WORKDIR}/dhcp-4.4.3-P1" + +inherit autotools-brokensep systemd pkgconfig + +SYSTEMD_SERVICE:${PN} = "dhcrelay.service" +SYSTEMD_AUTO_ENABLE:${PN} = "disable" + +CFLAGS += "-D_GNU_SOURCE -fcommon" +LDFLAGS:append = " -pthread" + +EXTRA_OECONF = "--enable-paranoia \ + --disable-static \ + --enable-libtool \ + --with-randomdev=/dev/random \ + " + +# Enable shared libs per dhcp README +do_configure:prepend () { + cp configure.ac+lt configure.ac +} + +do_install:append () { + install -Dm 0644 ${WORKDIR}/default-relay ${D}${sysconfdir}/default/dhcp-relay + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/dhcrelay.service ${D}${systemd_unitdir}/system + sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/dhcrelay.service + sed -i -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/dhcrelay.service + else + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init-relay ${D}${sysconfdir}/init.d/dhcp-relay + fi +} + +PARALLEL_MAKE = "" -- cgit v1.2.3-54-g00ecf