[arch-commits] Commit in dnsmasq/trunk (3 files)

Christian Hesse eworm at archlinux.org
Mon Oct 2 13:53:21 UTC 2017


    Date: Monday, October 2, 2017 @ 13:53:20
  Author: eworm
Revision: 306561

upgpkg: dnsmasq 2.78-1

new upstream release, fixing a number of security vulnerabilities:

* CVE-2017-14495, OOM in DNS response creation.
* CVE-2017-14496, Integer underflow in DNS response creation.
* CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
* CVE-2017-14493, DHCPv6 - Stack buffer overflow.
* CVE-2017-14492, DHCPv6 RA heap overflow.
* CVE-2017-14491, DNS heap buffer overflow.

Modified:
  dnsmasq/trunk/PKGBUILD
Deleted:
  dnsmasq/trunk/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
  dnsmasq/trunk/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch

---------------------------------------------------------+
 0001-do-not-include-stdio-h-before-dnsmasq-h.patch      |   24 ---------
 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch |   35 --------------
 PKGBUILD                                                |   17 +-----
 3 files changed, 3 insertions(+), 73 deletions(-)

Deleted: 0001-do-not-include-stdio-h-before-dnsmasq-h.patch
===================================================================
--- 0001-do-not-include-stdio-h-before-dnsmasq-h.patch	2017-10-02 13:48:19 UTC (rev 306560)
+++ 0001-do-not-include-stdio-h-before-dnsmasq-h.patch	2017-10-02 13:53:20 UTC (rev 306561)
@@ -1,24 +0,0 @@
-Subject: [PATCH 1/1] do not include stdio.h before dnsmasq.h
-Date: Tue, 22 Aug 2017 23:19:29 +0200
-From: Christian Hesse <mail at eworm.de>
-
-We define some constants in dnsmasq.h, which have an influence on
-stdio.h. So do not include stdio.h before dnsmasq.h.
-
-Signed-off-by: Christian Hesse <mail at eworm.de>
----
- src/helper.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/helper.c b/src/helper.c
-index 635677e..281cb4a 100644
---- a/src/helper.c
-+++ b/src/helper.c
-@@ -14,7 +14,6 @@
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
- 
--#include <stdio.h>
- #include "dnsmasq.h"
- 
- #ifdef HAVE_SCRIPT

Deleted: 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
===================================================================
--- 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch	2017-10-02 13:48:19 UTC (rev 306560)
+++ 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch	2017-10-02 13:53:20 UTC (rev 306561)
@@ -1,35 +0,0 @@
-From: Chris Novakovic <chris at chrisn.me.uk>
-Date: Tue, 6 Jun 2017 22:02:59 +0000 (+0100)
-Subject: Fix logic of appending ".<layer>" to PXE basename
-X-Git-Tag: v2.78test1~1
-X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff_plain;h=2446514e716075cfe2be35e2a9b9de4eacdbac99
-
-Fix logic of appending ".<layer>" to PXE basename
-
-Commit f77700aa, which fixes a compiler warning, also breaks the
-behaviour of prepending ".<layer>" to basenames in --pxe-service: in
-situations where the basename contains a ".", the ".<layer>" suffix is
-erroneously added, and in situations where the basename doesn't contain
-a ".", the ".<layer>" suffix is erroneously omitted.
-
-A patch against the git HEAD is attached that inverts this logic and
-restores the expected behaviour of --pxe-service.
----
-
-diff --git a/src/rfc2131.c b/src/rfc2131.c
-index a679470..1c850e5 100644
---- a/src/rfc2131.c
-+++ b/src/rfc2131.c
-@@ -836,10 +836,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
- 	  
- 	  if (strchr(service->basename, '.'))
- 	    snprintf((char *)mess->file, sizeof(mess->file),
--		"%s.%d", service->basename, layer);
-+		"%s", service->basename);
- 	  else
- 	    snprintf((char *)mess->file, sizeof(mess->file),
--		"%s", service->basename);
-+		"%s.%d", service->basename, layer);
- 	  
- 	  option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK);
- 	  option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(context->local.s_addr));

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-10-02 13:48:19 UTC (rev 306560)
+++ PKGBUILD	2017-10-02 13:53:20 UTC (rev 306561)
@@ -5,8 +5,8 @@
 # Contributor: Tom Newsom <Jeepster at gmx.co.uk>
 
 pkgname=dnsmasq
-pkgver=2.77
-pkgrel=4
+pkgver=2.78
+pkgrel=1
 pkgdesc="Lightweight, easy to configure DNS forwarder and DHCP server"
 url="http://www.thekelleys.org.uk/dnsmasq/doc.html"
 arch=('i686' 'x86_64')
@@ -15,26 +15,15 @@
 backup=('etc/dnsmasq.conf')
 validpgpkeys=('D6EACBD6EE46B834248D111215CDDA6AE19135A2') # Simon Kelley <simon at thekelleys.org.uk>
 source=("http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz"{,.asc}
-        '0001-do-not-include-stdio-h-before-dnsmasq-h.patch'
-        '0002-Fix-logic-of-appending-layer-to-PXE-basename.patch'
         'dnsmasq-sysusers.conf'
         'dnsmasq.service')
-sha256sums=('6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a'
+sha256sums=('89949f438c74b0c7543f06689c319484bd126cc4b1f8c745c742ab397681252b'
             'SKIP'
-            'bd39af88222ec44d269734d0513656bed865fb0f0901b538fdbbe19768e91bcf'
-            '5c969e79037980f3d138434a40c4478f7383f9ee9a46689c96dcf93f74062e11'
             '7f6ff6a709038ae580758f4b6a754451d7f7ce22957b88a36b97f7b643d3c2ab'
             '983a3c7a68ce114cf7b44f0d9c59b74c266647a9e5ac34c1d1d5161610bc57fe')
 
 _build_copts="-DHAVE_DNSSEC -DHAVE_DBUS -DHAVE_IDN -DHAVE_CONNTRACK"
 
-prepare() {
-  cd "$pkgname-$pkgver"
-
-  patch -Np1 < "${srcdir}"/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
-  patch -Np1 < "${srcdir}"/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
-}
-
 build() {
   cd "$pkgname-$pkgver"
 



More information about the arch-commits mailing list