[arch-commits] Commit in dnsmasq/trunk (3 files)
Christian Hesse
eworm at archlinux.org
Mon Oct 2 13:53:21 UTC 2017
Date: Monday, October 2, 2017 @ 13:53:20
Author: eworm
Revision: 306561
upgpkg: dnsmasq 2.78-1
new upstream release, fixing a number of security vulnerabilities:
* CVE-2017-14495, OOM in DNS response creation.
* CVE-2017-14496, Integer underflow in DNS response creation.
* CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
* CVE-2017-14493, DHCPv6 - Stack buffer overflow.
* CVE-2017-14492, DHCPv6 RA heap overflow.
* CVE-2017-14491, DNS heap buffer overflow.
Modified:
dnsmasq/trunk/PKGBUILD
Deleted:
dnsmasq/trunk/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
dnsmasq/trunk/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
---------------------------------------------------------+
0001-do-not-include-stdio-h-before-dnsmasq-h.patch | 24 ---------
0002-Fix-logic-of-appending-layer-to-PXE-basename.patch | 35 --------------
PKGBUILD | 17 +-----
3 files changed, 3 insertions(+), 73 deletions(-)
Deleted: 0001-do-not-include-stdio-h-before-dnsmasq-h.patch
===================================================================
--- 0001-do-not-include-stdio-h-before-dnsmasq-h.patch 2017-10-02 13:48:19 UTC (rev 306560)
+++ 0001-do-not-include-stdio-h-before-dnsmasq-h.patch 2017-10-02 13:53:20 UTC (rev 306561)
@@ -1,24 +0,0 @@
-Subject: [PATCH 1/1] do not include stdio.h before dnsmasq.h
-Date: Tue, 22 Aug 2017 23:19:29 +0200
-From: Christian Hesse <mail at eworm.de>
-
-We define some constants in dnsmasq.h, which have an influence on
-stdio.h. So do not include stdio.h before dnsmasq.h.
-
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/helper.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/helper.c b/src/helper.c
-index 635677e..281cb4a 100644
---- a/src/helper.c
-+++ b/src/helper.c
-@@ -14,7 +14,6 @@
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
--#include <stdio.h>
- #include "dnsmasq.h"
-
- #ifdef HAVE_SCRIPT
Deleted: 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
===================================================================
--- 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch 2017-10-02 13:48:19 UTC (rev 306560)
+++ 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch 2017-10-02 13:53:20 UTC (rev 306561)
@@ -1,35 +0,0 @@
-From: Chris Novakovic <chris at chrisn.me.uk>
-Date: Tue, 6 Jun 2017 22:02:59 +0000 (+0100)
-Subject: Fix logic of appending ".<layer>" to PXE basename
-X-Git-Tag: v2.78test1~1
-X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff_plain;h=2446514e716075cfe2be35e2a9b9de4eacdbac99
-
-Fix logic of appending ".<layer>" to PXE basename
-
-Commit f77700aa, which fixes a compiler warning, also breaks the
-behaviour of prepending ".<layer>" to basenames in --pxe-service: in
-situations where the basename contains a ".", the ".<layer>" suffix is
-erroneously added, and in situations where the basename doesn't contain
-a ".", the ".<layer>" suffix is erroneously omitted.
-
-A patch against the git HEAD is attached that inverts this logic and
-restores the expected behaviour of --pxe-service.
----
-
-diff --git a/src/rfc2131.c b/src/rfc2131.c
-index a679470..1c850e5 100644
---- a/src/rfc2131.c
-+++ b/src/rfc2131.c
-@@ -836,10 +836,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
-
- if (strchr(service->basename, '.'))
- snprintf((char *)mess->file, sizeof(mess->file),
-- "%s.%d", service->basename, layer);
-+ "%s", service->basename);
- else
- snprintf((char *)mess->file, sizeof(mess->file),
-- "%s", service->basename);
-+ "%s.%d", service->basename, layer);
-
- option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK);
- option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(context->local.s_addr));
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-10-02 13:48:19 UTC (rev 306560)
+++ PKGBUILD 2017-10-02 13:53:20 UTC (rev 306561)
@@ -5,8 +5,8 @@
# Contributor: Tom Newsom <Jeepster at gmx.co.uk>
pkgname=dnsmasq
-pkgver=2.77
-pkgrel=4
+pkgver=2.78
+pkgrel=1
pkgdesc="Lightweight, easy to configure DNS forwarder and DHCP server"
url="http://www.thekelleys.org.uk/dnsmasq/doc.html"
arch=('i686' 'x86_64')
@@ -15,26 +15,15 @@
backup=('etc/dnsmasq.conf')
validpgpkeys=('D6EACBD6EE46B834248D111215CDDA6AE19135A2') # Simon Kelley <simon at thekelleys.org.uk>
source=("http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz"{,.asc}
- '0001-do-not-include-stdio-h-before-dnsmasq-h.patch'
- '0002-Fix-logic-of-appending-layer-to-PXE-basename.patch'
'dnsmasq-sysusers.conf'
'dnsmasq.service')
-sha256sums=('6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a'
+sha256sums=('89949f438c74b0c7543f06689c319484bd126cc4b1f8c745c742ab397681252b'
'SKIP'
- 'bd39af88222ec44d269734d0513656bed865fb0f0901b538fdbbe19768e91bcf'
- '5c969e79037980f3d138434a40c4478f7383f9ee9a46689c96dcf93f74062e11'
'7f6ff6a709038ae580758f4b6a754451d7f7ce22957b88a36b97f7b643d3c2ab'
'983a3c7a68ce114cf7b44f0d9c59b74c266647a9e5ac34c1d1d5161610bc57fe')
_build_copts="-DHAVE_DNSSEC -DHAVE_DBUS -DHAVE_IDN -DHAVE_CONNTRACK"
-prepare() {
- cd "$pkgname-$pkgver"
-
- patch -Np1 < "${srcdir}"/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
- patch -Np1 < "${srcdir}"/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
-}
-
build() {
cd "$pkgname-$pkgver"
More information about the arch-commits
mailing list