From URL: These security issues are also addressed:

* auth: Use consttime_memequal to avoid latency attack
  consttime_memequal is supplied if libc does not support it
  dhcpcd >=6.2 <7.2.1 are vulnerable
* DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED
  dhcpcd >=4 <7.2.1 are vulnerable
* DHCPv6: Fix a potential buffer overflow reading NA/TA addresses
  dhcpcd >=7 <7.2.1 are vulnerable
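The auth item above concerns comparing authentication data in time that does not depend on where the buffers differ. The following is an added illustration, not dhcpcd's code and not part of the original comment: `ct_memequal` is a hypothetical fallback with the same contract as consttime_memequal(3), `leaky_steps` is a hypothetical early-exit comparison shown for contrast, and the MAC bytes are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample data: an expected 16-byte MAC and two wrong guesses. */
static const unsigned char mac_ok[16]      = {0xde,0xad,0xbe,0xef,1,2,3,4,5,6,7,8,9,10,11,12};
static const unsigned char guess_first[16] = {0x00,0xad,0xbe,0xef,1,2,3,4,5,6,7,8,9,10,11,12};
static const unsigned char guess_last[16]  = {0xde,0xad,0xbe,0xef,1,2,3,4,5,6,7,8,9,10,11,13};

/* Early-exit compare: returns how many bytes were examined before the
 * verdict, i.e. the data-dependent work a timing measurement can observe. */
static size_t leaky_steps(const unsigned char *a, const unsigned char *b, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++)
        if (a[i] != b[i])
            return i + 1;
    return len;
}

/* Hypothetical fallback (assumed name): returns nonzero when the buffers are
 * equal. Every byte is always read and the differences are OR-accumulated,
 * so no branch or loop bound depends on the contents. */
static int ct_memequal(const void *b1, const void *b2, size_t len)
{
    const volatile unsigned char *p1 = b1, *p2 = b2;
    unsigned int diff = 0;
    size_t i;

    for (i = 0; i < len; i++)
        diff |= (unsigned int)(p1[i] ^ p2[i]);
    /* diff is 0..255: map 0 -> 1 and anything else -> 0 without branching. */
    return (int)(1 & ((diff - 1) >> 8));
}

int main(void)
{
    printf("early-exit bytes examined: first-byte miss=%zu, last-byte miss=%zu\n",
           leaky_steps(mac_ok, guess_first, 16), leaky_steps(mac_ok, guess_last, 16));
    printf("ct_memequal: match=%d first-byte miss=%d last-byte miss=%d\n",
           ct_memequal(mac_ok, mac_ok, 16), ct_memequal(mac_ok, guess_first, 16),
           ct_memequal(mac_ok, guess_last, 16));
    return 0;
}
```

The early-exit version examines 1 byte for one guess and 16 for the other, while `ct_memequal` does the same 16 reads in every case.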
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9b5b1738178ec8da65c5371a1a9977d593a459d

commit e9b5b1738178ec8da65c5371a1a9977d593a459d
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2019-04-26 15:01:47 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2019-04-26 15:07:21 +0000

    net-misc/dhcpcd: Security bump to versions 7.1.1-r2 and 7.2.1

    Bug: https://bugs.gentoo.org/684430
    Package-Manager: Portage-2.3.65, Repoman-2.3.12
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-misc/dhcpcd/Manifest                           |   1 +
 net-misc/dhcpcd/dhcpcd-7.1.1-r2.ebuild             | 153 +++++++++++++++
 net-misc/dhcpcd/dhcpcd-7.2.1.ebuild                | 148 ++++++++++++++
 net-misc/dhcpcd/files/dhcpcd-7.1.1-overflows.patch | 213 +++++++++++++++++++++
 4 files changed, 515 insertions(+)
Roy provided a patch that fixes the 7.1.1 release. So I suggest we aim for =net-misc/dhcpcd-7.1.1-r2 stabilization.
arm64 stable
amd64 stable
ia64 stable
sparc stable
ppc stable
ppc64 stable
s390 stable
x86 stable
hppa stable
alpha stable
arm stable
sh stable
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb12d2245f1dbc1579209a8c60903d3163a72419

commit cb12d2245f1dbc1579209a8c60903d3163a72419
Author:     Mikle Kolyada <zlogene@gentoo.org>
AuthorDate: 2019-05-03 13:13:02 +0000
Commit:     Mikle Kolyada <zlogene@gentoo.org>
CommitDate: 2019-05-03 13:13:02 +0000

    net-misc/dhcpcd: Security cleanup

    Bug: https://bugs.gentoo.org/684430
    Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>
    Package-Manager: Portage-2.3.62, Repoman-2.3.11

 net-misc/dhcpcd/dhcpcd-7.1.1-r1.ebuild | 152 ---------------------------------
 1 file changed, 152 deletions(-)