pkgsrc.se | The NetBSD package collection

./net/isc-dhcp4, ISC Dynamic Host Configuration Protocol (DHCP) Base

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2012Q2, Version: 4.2.4p2, Package name: isc-dhcp-4.2.4p2, Maintainer: pkgsrc-users

ISC's Dynamic Host Configuration Protocol Distribution provides a
freely redistributable reference implementation of all aspects of
DHCP, through a suite of DHCP tools:

* A DHCP server
* A DHCP client
* A DHCP relay agent

These tools all use a modular API which is designed to be sufficiently
general that it can easily be made to work on POSIX-compliant
operating systems and also non-POSIX systems like Windows NT and
MacOS.

The DHCP server, client and relay agent are provided both as
reference implementations of the protocol and as working, fully-featured
sample implementations. Both the client and the server provide
functionality that, while not strictly required by the protocol,
is very useful in practice. The DHCP server also makes allowances
for non-compliant clients which one might still like to support.

This package contains the Base component.

Required to build:
[devel/gmake]

Package options: inet6

Master sites: (Expand)

SHA1: 78a819d7af6688942429de2178124ea371f038f2
RMD160: a02661dc79079b1936db888666e56c7436b5bab9
Filesize: 7998.251 KB

Version history: (Expand)

(2012-09-13) Updated to version: isc-dhcp-4.2.4p2
(2012-07-25) Updated to version: isc-dhcp-4.2.4p1
(2012-07-05) Package added to pkgsrc.se, version isc-dhcp-4.2.4 (created)

CVS history: (Expand)

2012-09-13 10:01:13 by Steven Drake | Files touched by this commit (2)

Log message:
Pullup ticket #3920 - requested by taca
net/{isc-dhcp4,isc-dhcpd4,isc-dhclient4,isc-dhcrelay} security fix

Revisions pulled up:
- net/isc-dhcp4/Makefile.common                                 1.17
- net/isc-dhcp4/distinfo                                        1.13

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Sep 13 01:38:58 UTC 2012

   Modified Files:
   	pkgsrc/net/isc-dhcp4: Makefile.common distinfo

   Log message:
   Update ISC DHCP package to 4.2.4p2 (ISC DHCP 4.2.4-P2).

   			Changes since 4.2.4-P1

   ! An issue with the use of lease times was found and fixed.  Making
     certain changes to the end time of an IPv6 lease could cause the
     server to abort.  Thanks to Glen Eustace of Massey University,
     New Zealand for finding this issue.
     [ISC-Bugs #30281]
     CVE: CVE-2012-3955

2012-07-25 07:44:06 by S.P.Zeidler | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #3869 - requested by taca
net/isc-dhcp4: security update

Revisions pulled up:
- net/isc-dhcp4/Makefile.common                                 1.16
- net/isc-dhcp4/distinfo                                        1.12
- net/isc-dhcp4/patches/patch-includes_Makefile.in              1.2

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jul 25 00:56:53 UTC 2012

   Modified Files:
   	pkgsrc/net/isc-dhcp4: Makefile.common distinfo
   	pkgsrc/net/isc-dhcp4/patches: patch-includes_Makefile.in

   Log message:
   Update isc-dhcp4 package to 4.2.4p1 (ISC DHCP 4.2.4-P1).
   Fixes security problems.

   			Changes since 4.2.4

   ! Previously the server code was relaxed to allow packets with zero
     length client ids to be processed.  Under some situations use of
     zero length client ids can cause the server to go into an infinite
     loop.  As such ids are not valid according to RFC 2132 section 9.14
     the server no longer accepts them.  Client ids with a length of 1
     are also invalid but the server still accepts them in order to
     minimize disruption.  The restriction will likely be tightened in
     the future to disallow ids with a length of 1.
     Thanks to Markus Hietava of Codenomicon CROSS project for the
     finding this issue and CERT-FI for vulnerability coordination.
     [ISC-Bugs #29851]
     CVE: CVE-2012-3571

   ! When attempting to convert a DUID from a client id option
     into a hardware address handle unexpected client ids properly.
     Thanks to Markus Hietava of Codenomicon CROSS project for the
     finding this issue and CERT-FI for vulnerability coordination.
     [ISC-Bugs #29852]
     CVE: CVE-2012-3570

   ! A pair of memory leaks were found and fixed.  Thanks to
     Glen Eustace of Massey University, New Zealand for finding
     this issue.
     [ISC-Bugs #30024]
     CVE: CVE-2012-3954

   To generate a diff of this commit:
   cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/isc-dhcp4/Makefile.common
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/isc-dhcp4/distinfo
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/net/isc-dhcp4/patches/patch-includes_Makefile.in