- Fixed dhcp server start script to use correct libdir (bnc#868250)
- Fixed dhcp server to chown leases to run user at start (bnc#868253)
[+ 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
- Fixed to write missed dhcp-ldap debug level messages (bnc#835818)
[+ 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch]
- Fixed unsupported dhclient-script used by sysconfig ifup to provide
a function to calculate netmask. NetworkManager provides an own one.
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=131
and enabled Restart=on-abort (fate#315133).
- Update to ISC dhcp-4.2.6 release. See RELNOTES file for the
complete list of changes -- digest of fixes not in dhcp-4.2.5:
- Tidy up receive packet processing.
Thanks to Brad Plank of GTA for reporting the issue and
suggesting a possible patch. [ISC-Bugs #34447]
- Fix the socket handling for DHCPv6 clients to allow multiple
instances of a client on a single machine to work properly.
Previously only one client would receive the packets.
Thanks to Jiri Popelka at Red Hat for the bug report and a
potential patch. [ISC-Bugs #34784]
- Added support for gentle shutdown after signal is received.
[ISC-Bugs #32692] [ISC-Bugs 34945]
- Enhance the DHCPv6 server logging to include the addresses
that are assigned to the clients. This can be enabled by
defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377]
- Fix an operation in the DDNS code to be a bitwise instead
of logical or. [ISC-Bugs #35138]
- Merged patches for dhcp-4.2.6 version to apply without fuzzy,
prepended patch number prefixes to match spec file patch nr,
added patch markup tags / bug numbers to the spec file.
- Applied contrib-lease-path pach to contrib.tar.gz
[- contrib-lease-path.diff]
- Changed to require automake and use its config.sub and guess
files instead of maintaining a patch.
[- config-guess-sub-update.patch]
- Enabled to log DHCPv6 addresses assigned by server to clients
[+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch]
- Cleaned up documentation, rpmlint adjustments.
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
complete list of changes -- digest of fixes not in dhcp-4.2.4-P2:
- Correct code to calculate rebind timing values in client
[ISC-Bugs #29062]
- Fix some issues in the code for parsing and printing options.
[ISC-Bugs #22625,#27289,#27296,#27314]
- Update the memory leakage debug code to work with v6.
[ISC-Bugs #30297]
- Relax the requirements for deleting an A or AAAA record.
This relaxation was codified in RFC 4703. [ISC-Bugs #30734]
- Modify the failover code to handle incorrect peer names better.
[ISC-Bugs #30320]
- Fix a set of issues that were discovered via a code inspection
tool. [ISC-Bugs #23833]
- Parsing unquoted base64 strings improved. [ISC-Bugs #23048]
- The client now passes information about the options it requested
from the server to the script code via environment variables.
These variables are of the form requested_<option_name>=1 with
the option name being the same as used in the new_* and old_*
variables. [ISC-Bugs #29068]
- Check the status value when trying to read from a connection to
see if it may have been closed. If it appears closed don't try
to read from it again. This avoids a potential busy-wait like
loop when the peer names are mismatched. [ISC-Bugs #31231]
- Remove an unused variable to keep compilers happy.
[ISC-Bugs #31983]
- Removed obsolete parsing and printing option patch
[dhcp-4.2.4-parsing-and-printing-options.patch]
- Merged dhcp-4.2.2-dhclient-send-hostname-rml.diff
[dhcp-4.2.5-dhclient-send-hostname-rml.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=96
an issue with the use of lease times was found and fixed. Making
certain changes to the end time of an IPv6 lease could cause the
server to abort. Thanks to Glen Eustace of Massey University,
New Zealand for finding this issue.
([ISC-Bugs #30281], CVE: CVE-2012-3955, bnc#780167)
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=94
- Moved lease file check to a separate action so it is not used in
restart -- it can fail when the daemon rewrites the lease causing
a restart failure then (bnc#762108 regression).
- Request dhcp6.sntp-servers in /etc/dhclient6.conf and forward to
netconfig for processing (bnc#770236).
- Removed RFC 4833 TZ options from client requests [unused].
- Update to ISC dhcp-4.2.4 release, fixing a dhcpv6 server assert
crash while accessing lease on heap (bnc#767661) and providing...
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=92
Modify the DDNS handling code. In a previous patch we added logging
code to the DDNS handling. This code included a bug that caused it
to attempt to dereference a NULL pointer and eventually segfault.
While reviewing the code as we addressed this problem, we determined
that some of the updates to the lease structures would not work as
planned since the structures being updated were in the process of
being freed: these updates were removed. In addition we removed an
incorrect call to the DDNS removal function that could cause a failure
during the removal of DDNS information from the DNS server.
Thanks to Jasper Jongmans for reporting this issue.
([ISC-Bugs #27078], CVE: CVE-2011-4868, bnc#741239)
- Fixed close-on-exec patch to not set it on stderr (bnc#732910)
- Fixed incorrect "a" array type option parsing causing to discard
e.g. classless static routes from lease file [reported as ISC-Bug
27289] and zero-length option parsing such as dhcp6.rapid-commit
in dhclient6 [reported as ISC-Bug 27314] (bnc#739696).
- Fixed dhclient to include its pid number in syslog messages.
- Fixed to use P2 in the spec version, not in the release tag.
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=85
a DoS due to processing certain regular expressions (bnc#735610)
and several important DDNS related fixes:
* Add a check for a null pointer before calling the regexec function.
Without out this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]
CVE-2011-4539.
* Fix the code that checks for an existing DDNS transaction to
cancel when removing DDNS information, so that we will continue
with the processing if we have a lease even if it doesn't have an
outstanding transaction. [ISC-Bugs #24682]
* Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
configuration files. [ISC-Bugs #24107]
* Add support for passing DDNS information to a DNS server over
an IPv6 address. [ISC-Bugs #22647]
* Enhanced patch for 23595 to handle IPv4 fixed addresses more
cleanly. [ISC-Bugs #23595]
- Refreshed ldap patch
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=82
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
startup of the dhcp server in cases where the ldap server is not
yet started. Set the ldap-init-retry <num> option in dhcpd.conf
to enable it (bnc#627617). Merged in the actual ldap patch.
- Cleaned up init script error reporting, no -TERM for killproc.
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=65
dhclient pretty escape and string option checks. Use relaxed
domain-name option check causing a regression, when the server
is misusing it to provide a domain list and does not provide
it via the domain-search option; pretty escape semicolon as well
(bnc#675052, CVE-2011-0997).
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=64
handling of connection requests on the failover port.
Previously a connection request from a source that wasn't
listed as a failover peer would cause the server to become
non-responsive. ([ISC-Bugs #22679] CERT: VU#159528 CVE:
CVE-2010-3616, bnc#659059).
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=51
