package/dhcp: security bump to version 4.4.3-P1

- Corrected a reference count leak that occurs when the server builds responses to leasequery packets. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #253] CVE: CVE-2022-2928 - Corrected a memory leak that occurs when unpacking a packet that has an FQDN option (81) that contains a label with length greater than 63 bytes. Thanks to VictorV of Cyber Kunlun Lab for reporting the issue. [Gitlab #254] CVE: CVE-2022-2929 https://kb.isc.org/docs/cve-2022-2928 https://kb.isc.org/docs/cve-2022-2929 https://ftp.isc.org/isc/dhcp/4.4.3-P1/dhcp-4.4.3-P1-RELNOTES Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 99a570ee2b) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-10-16 23:09:31 +02:00 · 2022-10-16 23:09:31 +02:00 · 7c53e77a87
commit 7c53e77a87
parent 9c545f74c5
2 changed files with 3 additions and 3 deletions
--- a/package/dhcp/dhcp.hash
+++ b/package/dhcp/dhcp.hash
@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/dhcp/4.4.3/dhcp-4.4.3.tar.gz.sha256.asc
-sha256  0e3ec6b4c2a05ec0148874bcd999a66d05518378d77421f607fb0bc9d0135818  dhcp-4.4.3.tar.gz
+# Verified from https://ftp.isc.org/isc/dhcp/4.4.3-P1/dhcp-4.4.3-P1.tar.gz.sha256.asc
+sha256  0ac416bb55997ca8632174fd10737fd61cdb8dba2752160a335775bc21dc73c7  dhcp-4.4.3-P1.tar.gz
 # Locally calculated
 sha256  45a39c430be0920cb9570f34b32d2378fe6048c034f2f3265b9326d64ada73df  LICENSE
--- a/package/dhcp/dhcp.mk
+++ b/package/dhcp/dhcp.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-DHCP_VERSION = 4.4.3
+DHCP_VERSION = 4.4.3-P1
 DHCP_SITE = https://ftp.isc.org/isc/dhcp/$(DHCP_VERSION)
 DHCP_INSTALL_STAGING = YES
 DHCP_LICENSE = MPL-2.0