From adaa194cdf1f6d3ccac7a0261d5ca1c0ba66044b Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sun, 24 Jun 2018 11:43:48 -0700 Subject: dhcp: update 4.4.1 include several CVE fixes. CVE: CVE-2018-5733 CVE: CVE-2018-5732 LIC_CHKSUM_FILE updated to SPFX format https://kb.isc.org/article/AA-01571 remove several patches now included in update. Shared libarary support is now enabled in configure+lt, use it and revert to autotools-brokensep Refresh patches aligns support with bind 9.11.x add libxml2 support to configure.ac+lt [v2] cleaned up do_configure per feedback fix hard coded lib & include patch Signed-off-by: Armin Kuster --- .../dhcp/dhcp/CVE-2017-3144.patch | 74 ---------------------- 1 file changed, 74 deletions(-) delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch (limited to 'meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch') diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch deleted file mode 100644 index 2b2688cb2f..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 8cfdedee369c26d2869b6ec4a64460b5f5a30934 Mon Sep 17 00:00:00 2001 -From: Thomas Markwalder -Date: Thu, 7 Dec 2017 11:39:30 -0500 -Subject: [PATCH] [v4_3] Plugs a socket descriptor leak in OMAPI - - Merges in rt46767. - -Upstream-Status: Backport -[https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=5097bc0559f592683faac1f67bf350e1bddf6ed4] - -CVE: CVE-2017-3144 - -Signed-off-by: Mingli Yu -Signed-off-by: Yi Zhao ---- - RELNOTES | 7 +++++++ - omapip/buffer.c | 9 +++++++++ - omapip/message.c | 2 +- - 3 files changed, 17 insertions(+), 1 deletion(-) - -diff --git a/RELNOTES b/RELNOTES -index dd40aaf..3741b80 100644 ---- a/RELNOTES -+++ b/RELNOTES -@@ -66,6 +66,13 @@ We welcome comments from DHCP users, about this or anything else we do. - Email Vicky Risk, Product Manager at vicky@isc.org or discuss on - dhcp-users@lists.isc.org. - -+- Plugged a socket descriptor leak in OMAPI, that can occur when there is -+ data pending to be written to an OMAPI connection, when the connection -+ is closed by the reader. Thanks to Pavel Zhukov at RedHat for bringing -+ this issue to our attention and whose patch helped guide us in the right -+ direction. -+ [ISc-Bugs #46767] -+ - Changes since 4.3.6b1 - - - None -diff --git a/omapip/buffer.c b/omapip/buffer.c -index f7fdc32..809034d 100644 ---- a/omapip/buffer.c -+++ b/omapip/buffer.c -@@ -566,6 +566,15 @@ isc_result_t omapi_connection_writer (omapi_object_t *h) - omapi_buffer_dereference (&buffer, MDL); - } - } -+ -+ /* If we had data left to write when we're told to disconnect, -+ * we need recall disconnect, now that we're done writing. -+ * See rt46767. */ -+ if (c->out_bytes == 0 && c->state == omapi_connection_disconnecting) { -+ omapi_disconnect (h, 1); -+ return ISC_R_SHUTTINGDOWN; -+ } -+ - return ISC_R_SUCCESS; - } - -diff --git a/omapip/message.c b/omapip/message.c -index 59ccdc2..21bcfc3 100644 ---- a/omapip/message.c -+++ b/omapip/message.c -@@ -339,7 +339,7 @@ isc_result_t omapi_message_unregister (omapi_object_t *mo) - } - - #ifdef DEBUG_PROTOCOL --static const char *omapi_message_op_name(int op) { -+const char *omapi_message_op_name(int op) { - switch (op) { - case OMAPI_OP_OPEN: return "OMAPI_OP_OPEN"; - case OMAPI_OP_REFRESH: return "OMAPI_OP_REFRESH"; --- -2.7.4 - -- cgit 1.2.3-korg