[pkg-dhcp-commits] [SCM] ISC DHCP packaging for Debian branch, master, updated. upstream/4.1.1-P1-104-g2ca4ef0

Andrew Pollock apollock at debian.org
Fri Feb 4 06:25:31 UTC 2011 

The following commit has been merged in the master branch:
commit 2ca4ef04eb9a9c7dbabf949897239ecd5a2a6537
Author: Andrew Pollock <apollock at debian.org>
Date:   Thu Feb 3 22:26:43 2011 -0800

    Patch CVE-2011-0413 for #611217

diff --git a/debian/patches/CVE-2011-0413.dpatch b/debian/patches/CVE-2011-0413.dpatch
new file mode 100755
index 0000000..9620604
--- /dev/null
+++ b/debian/patches/CVE-2011-0413.dpatch
@@ -0,0 +1,54 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2011-0413.dpatch by  <apollock at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Patch provided by Raphael Geissert for #611217
+
+ at DPATCH@
+diff -urNad isc-dhcp~/server/mdb6.c isc-dhcp/server/mdb6.c
+--- isc-dhcp~/server/mdb6.c	2008-10-22 04:41:58.000000000 -0700
++++ isc-dhcp/server/mdb6.c	2011-02-03 22:18:27.000000000 -0800
+@@ -1006,7 +1006,7 @@
+  * Renew an lease in the pool.
+  *
+  * To do this, first set the new hard_lifetime_end_time for the resource,
+- * and then invoke renew_lease() on it.
++ * and then invoke renew_lease6() on it.
+  *
+  * WARNING: lease times must only be extended, never reduced!!!
+  */
+@@ -1016,12 +1016,24 @@
+ 	 * If we're already active, then we can just move our expiration
+ 	 * time down the heap. 
+ 	 *
++	 * If we're abandoned then we are already on the active list
++	 * but we need to retag the lease and move our expiration
++	 * from infinite to the current value
++	 *
+ 	 * Otherwise, we have to move from the inactive heap to the 
+ 	 * active heap.
+ 	 */
+ 	if (lease->state == FTS_ACTIVE) {
+ 		isc_heap_decreased(pool->active_timeouts, lease->heap_index);
+ 		return ISC_R_SUCCESS;
++	} else if (lease->state == FTS_ABANDONED) {
++		char tmp_addr[INET6_ADDRSTRLEN];
++                lease->state = FTS_ACTIVE;
++                isc_heap_increased(pool->active_timeouts, lease->heap_index);
++		log_info("Reclaiming previously abandoned address %s",
++			 inet_ntop(AF_INET6, &(lease->addr), tmp_addr,
++				   sizeof(tmp_addr)));
++                return ISC_R_SUCCESS;
+ 	} else {
+ 		return move_lease_to_active(pool, lease);
+ 	}
+@@ -1109,7 +1121,8 @@
+ decline_lease6(struct ipv6_pool *pool, struct iasubopt *lease) {
+ 	isc_result_t result;
+ 
+-	if (lease->state != FTS_ACTIVE) {
++	if ((lease->state != FTS_ACTIVE) &&
++	    (lease->state != FTS_ABANDONED)) {
+ 		result = move_lease_to_active(pool, lease);
+ 		if (result != ISC_R_SUCCESS) {
+ 			return result;

-- 
ISC DHCP packaging for Debian

More information about the pkg-dhcp-commits mailing list