authorTony Vroon <chainsaw@gentoo.org>2009-07-14 17:35:55 +0000
committerTony Vroon <chainsaw@gentoo.org>2009-07-14 17:35:55 +0000
commit0c3d46a0e161042daffd68007b1884f5d7d5d83e (patch)
tree0c3325ee1e1c6ddf5aae89e98177945487bb8dc9 /net-misc/dhcp/files
parentRemove old version. (diff)
Version bump for CVE-2009-0692 (dhclient stack-based buffer overflow); security bug #277729. Stable keywords approved by arch liaisons.
Package-Manager: portage-2.1.6.13/cvs/Linux x86_64 RepoMan-Options: --force
Diffstat (limited to 'net-misc/dhcp/files')
-rw-r--r--net-misc/dhcp/files/dhcp-3.1.1-CVE-2009-0692.patch14
1 files changed, 14 insertions, 0 deletions
diff --git a/net-misc/dhcp/files/dhcp-3.1.1-CVE-2009-0692.patch b/net-misc/dhcp/files/dhcp-3.1.1-CVE-2009-0692.patch
new file mode 100644
index 000000000000..b12a616deafd
--- /dev/null
+++ b/net-misc/dhcp/files/dhcp-3.1.1-CVE-2009-0692.patch
@@ -0,0 +1,14 @@
+--- dhcp-3.1.1.orig/client/dhclient.c
++++ dhcp-3.1.1/client/dhclient.c
+@@ -2547,8 +2547,9 @@ void script_write_params (client, prefix
+ (struct option_state *)0,
+ lease -> options,
+ &global_scope, oc, MDL)) {
+- if (data.len > 3) {
+- struct iaddr netmask, subnet, broadcast;
++ struct iaddr netmask;
++ if (data.len > 3 && data.len <= sizeof(netmask.iabuf)) {
++ struct iaddr subnet, broadcast;
+
+ memcpy (netmask.iabuf, data.data, data.len);
+ netmask.len = data.len;
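Review bot: The new guard `data.len <= sizeof(netmask.iabuf)` bounds the `memcpy` by the destination size, but it still accepts every length from 4 up to that size, and `netmask.len` is then set to whatever the server sent. If `oc` is the IPv4 subnet-mask option, as the variable names suggest, only four bytes are meaningful. A stricter check such as `if (data.len == 4) {` would reject malformed values outright; alternatively, copy a fixed four bytes and set `netmask.len = 4`. An over-long option is now dropped silently, so a warning log in an `else` branch would help operators notice a misbehaving or hostile DHCP server. I would also add a comment above the check, e.g. `/* Option length comes from the server; it must fit netmask.iabuf (CVE-2009-0692). */`. The body of `script_write_params` starts and ends outside this hunk, so how the subnet and broadcast values are used afterwards should be confirmed there.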