| Summary: | <net-misc/dhcp-4.1.1-p1: DOS (CVE-2010-2156) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> | ||||
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | minor | CC: | base-system, kanelxake, petr | ||||
| Priority: | High | ||||||
| Version: | unspecified | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| URL: | http://ftp.isc.org/isc/dhcp/dhcp-4.1.1-P1-RELNOTES | ||||||
| Whiteboard: | ~3 [ebuild] | ||||||
| Package list: | Runtime testing required: | --- | |||||
| Bug Depends on: | 324671 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Stefan Behte (RETIRED)
2010-06-25 21:18:57 UTC
Note: 4.1.x is hardmasked. base-system, please commit updated ebuilds and remove the vulnerable versions. There is ebuild on http://code.google.com/p/barzog-gentoo-overlay/ that seems to be working for me on amd64 (at least the client part)... with one exception: there is typo in dhcp-4.0-dhclient-resolvconf.patch taken from portage tree, here is a fix: --- /usr/portage/net-misc/dhcp/files/dhcp-4.0-dhclient-resolvconf.patch 2008-09-04 14:39:45.000000000 +0200 +++ /usr/local/portage/net-misc/dhcp/files/dhcp-4.0-dhclient-resolvconf.patch 2010-06-29 18:57:12.000000000 +0200 @@ -5,7 +5,7 @@ #!/bin/sh make_resolv_conf() { -+ if [ x"$PEER_DNS" != x ] && [ x$"PEER_DNS" != xyes ]; then ++ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then + return 0 + fi + local conf= Created attachment 236939 [details, diff]
corrected dhcp-4.0-dhclient-resolvconf.patch
Sorry, the typo mentioned above is in the patch multiple times... attaching corrected patch.
dhcp-4.2.1 now in the tree and all other dhcp-4.x ebuilds punted. since this is still masked, i'll close out the bug. |