kumquat-buildroot/package/dhcp
Baruch Siach 047cec5993 dhcp: add upstream security fixes
CVE-2018-5732: The DHCP client incorrectly handled certain malformed
responses. A remote attacker could use this issue to cause the DHCP
client to crash, resulting in a denial of service, or possibly execute
arbitrary code. In the default installation, attackers would be isolated
by the dhclient AppArmor profile.

CVE-2018-5733: The DHCP server incorrectly handled reference counting. A
remote attacker could possibly use this issue to cause the DHCP server
to crash, resulting in a denial of service.

Both issues are fixed in version 4.4.1. But we are close to release, so
backport the fixes instead of bumping version.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-03 23:26:08 +01:00
..
0001-bind-cross-compile.patch dhcp: bump to version 4.3.6 2017-12-13 14:04:07 +01:00
0002-v4_3-Plugs-a-socket-descriptor-leak-in-OMAPI.patch dhcp: add upstream security fix 2017-12-13 14:04:17 +01:00
0003-Correct-buffer-overrun-in-pretty_print_option.patch dhcp: add upstream security fixes 2018-03-03 23:26:08 +01:00
0004-Corrected-refcnt-loss-in-option-parsing.patch dhcp: add upstream security fixes 2018-03-03 23:26:08 +01:00
Config.in
dhclient-script
dhclient.conf
dhcp.hash dhcp: bump to version 4.3.6 2017-12-13 14:04:07 +01:00
dhcp.mk dhcp: disable isc assertions (reproducible builds) 2018-02-03 22:50:09 +01:00
dhcpd.conf
dhcpd.service
S80dhcp-relay
S80dhcp-server