From 153ac9bb204e55276263530db56bd39540d15b53 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 5 Oct 2022 18:55:36 +0000 Subject: Wed Oct 5 18:55:36 UTC 2022 patches/packages/dhcp-4.4.3_P1-x86_64-1_slack15.0.txz: Upgraded. This update fixes two security issues: Corrected a reference count leak that occurs when the server builds responses to leasequery packets. Corrected a memory leak that occurs when unpacking a packet that has an FQDN option (81) that contains a label with length greater than 63 bytes. Thanks to VictorV of Cyber Kunlun Lab for reporting these issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929 (* Security fix *) --- patches/source/dhcp/doinst.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 patches/source/dhcp/doinst.sh (limited to 'patches/source/dhcp/doinst.sh') diff --git a/patches/source/dhcp/doinst.sh b/patches/source/dhcp/doinst.sh new file mode 100644 index 000000000..a376034a5 --- /dev/null +++ b/patches/source/dhcp/doinst.sh @@ -0,0 +1,21 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/dhcpd.conf.new +config etc/dhclient.conf.new +config var/state/dhcp/dhcpd.leases.new +config var/state/dhcp/dhcpd6.leases.new +config var/state/dhcp/dhclient.leases.new +config var/state/dhcp/dhclient6.leases.new +rm -f var/state/dhcp/*.leases.new + -- cgit v1.2.3-65-gdbad