Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: dhcp | Distribution: SUSE Linux Enterprise 15 |
Version: 4.3.6.P1 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150000.6.17.1 | Build date: Wed Oct 5 09:21:44 2022 |
Group: Productivity/Networking/Boot/Servers | Build host: ibs-arm-4 |
Size: 1959363 | Source RPM: dhcp-4.3.6.P1-150000.6.17.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: http://www.isc.org/software/dhcp | |
Summary: Common Files Used by ISC DHCP Software |
This package contains common programs used by both the ISC DHCP server ("dhcp-server" package) and client ("dhcp-client") as the omshell and common manual pages. Authors: -------- Internet Systems Consortium, Inc. <info@isc.org>
BSD-3-Clause
* Tue Oct 04 2022 max@suse.com - bsc#1203988, CVE-2022-2928, dhcp-CVE-2022-2928.patch: An option refcount overflow exists in dhcpd - bsc#1203989, CVE-2022-2929, dhcp-CVE-2022-2929.patch: DHCP memory leak * Tue Apr 26 2022 max@suse.com - bsc#1198657: properly handle DHCRELAY(6)_OPTIONS. * Thu May 27 2021 max@suse.com - Oops, when upgrading to 4.3.6-P1 in 2018 only isc_version was bumped, but not the RPM package version. * Wed May 26 2021 max@suse.com - CVE-2021-25217, bsc#1186382, dhcp-CVE-2021-25217.patch: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient. * Thu Apr 22 2021 max@suse.com - bsc#1185157: Use /run instead of /var/run for PIDFile in dhcrelay.service. * Thu Aug 01 2019 max@suse.com - bsc#1134078, CVE-2019-6470, dhcp-CVE-2019-6470.patch: DHCPv6 server crashes regularly. - Add compile option --enable-secs-byteorder to avoid duplicate lease warnings [bsc#1089524]. * Mon Jul 08 2019 max@suse.com - bsc#1136572: Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6 (0021-dhcp-ip-family-symlinks.patch). * Thu Mar 08 2018 max@suse.com - Update to dhcp-4.3.6-P1: * CVE-2018-5733, bsc#1083303: reference count overflow in dhcpd. * CVE-2018-5732, bsc#1083302: buffer overflow bug in dhclient. * Plugged a socket descriptor leak in OMAPI * The server now allows the client identifier (option 61) to own leases in more than one subnet concurrently [ISC-Bugs #41358]. * When replying to a DHCPINFORM, the server will now include options specified at the pool scope, provided the ciaddr field of the DHCPINFORM is populated. [ISC-Bugs #43219] [ISC-Bugs #45051]. * When memory allocation fails in a repeated way the process writes "Run out of memory." on the standard error and exists with status 1 [ISC-Bugs #32744]. * The new lmdb (Lightning Memory DataBase) bind9 configure option is now disabled by default to avoid the presence of this library to be detected which can lead to a link failure. [ISC-Bugs #45069] * The linux interface discovery code has been modified to use getifaddrs() as is done for BSD and OS-X. [ISC-Bugs #28761] and others. * Fixed a bug in OMAPI that causes omshell to crash when a name-value pair with a zero length value is shipped in an object [ISC-Bugs #29108]. * On 64-bit platforms, dhclient now generates the correct value for the script environment variable, "expiry", the lease expiry value exceeds 0x7FFFFFFF [ISC-Bugs #43326]. * Common timer logic was modified to cap the maximum timeout values at 0x7FFFFFFF - 1 [ISC-Bugs #28038]. * DHCP6 FQDN option unpacking code now correctly handles values that contain spaces, special, or non-printable characters. [ISC-Bugs #43592] * When running in -6 mode, dhclient can enforce the require option statement and will discard offered leases that do not contain all the required options specified in the client configuration [ISC-Bugs #41473]. * Altered DHCPv4 lease time calculation to avoid roll over errors on 64-bit OS systems when using -1 or large values for default-lease-time [ISC-Bugs #41976], * Added --dad-wait-time parameter to dhclient [ISC-Bugs #36169]. * The server nows checks both the address and length of a prefix delegation when attempting to match it to a prefix pool [ISC-Bugs #35378]. * Modified DDNS support initialization such that DNS related ports will only be opened by the server (dhcpd) at startup if ddns-update-style is not "none"; by dhclient only if and when the it first attempts an update; and never by dhcrelay. [ISC-Bugs #45290] [ISC-Bugs #33377] * Added error logging to two memory allocation failure checks. [ISC-Bugs #41185] * Corrected a dhclient -6 issue that caused the client to crash with an "Impossible condition" error after de-preferencing its only IA binding [ISC-Bugs #44373]. * By defining CALL_SCRIPT_ON_ONETRY_FAIL in includes/site.h, dhclient will now call the script with reason set to FAIL when run with -1 (one try) and there are no server responses. [ISC-bugs #18183] * The server now detects failover peers that are not referenced in at least one pool when run with the command line option for test mode, -T [ISC-Bugs #29892]. * Linux script updated [ISC-bugs #19430] [ISC-bugs #18111]. * Changed severity of the log message indicating UDP checksum errors in the received packets from 'info' to 'debug'. [ISC-bugs #41757] * Corrected a bug which could cause the server to sporadically crash while loading lease files with the lease-id-format is set to "hex" [ISC-Bugs #43185]. - Obsoleted patches: * 0011-Fixed-linux-interface-discovery-using-getifaddrs.patch * 0019-dhcp-4.2.4-P1-interval.patch * 0021-master-Plugs-a-socket-descriptor-leak-in-OMAPI.patch * 0022-Optimized-if-and-when-DNS-client-context-and-ports.patch * Fri Jan 19 2018 ndas@suse.de - Optimized if and when DNS client context and ports are initted (bsc#1073935) [+0022-Optimized-if-and-when-DNS-client-context-and-ports.patch] * Tue Jan 16 2018 ndas@suse.de - Plugs a socket descriptor leak in OMAPI(bsc#1076119, CVE-2017-3144) [ +0021-master-Plugs-a-socket-descriptor-leak-in-OMAPI.patch] * Fri Jan 05 2018 obs@botter.cc - add PIDFile= setting to dhcrelay.service, without this systemd stops the service immediately after starting * Wed Dec 13 2017 mchandras@suse.de - Drop old sysvinit support from the spec file. All the supported openSUSE distributions are systemd based so there isn't much point in keeping sysvinit support and files around. * Thu Nov 23 2017 rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) * Fri Jul 14 2017 dimstar@opensuse.org - Replace net-tools Requires in dhcp-client with hostname on suse_version >= 1330 (CODE15): net-tools does no longer provide any tool referenced by dhclient-script, but we require hostname (which is also a dependency to net-tools, thus hiding the issue). * Thu Jul 13 2017 bwiedemann@suse.com - use .gz year instead of current one to make build reproducible * Thu Jul 06 2017 ndas@suse.de - fixed a typo in nis-servers option name breaking the config file introduced in previous change to workaround issues in NetworkManager parser. - Update to dhcp-4.3.5 - Corrected a bug which could cause the server to sporadically crash while loading lease files with the lease-id-format is set to "hex". Our thanks to Jay Ford, University of Iowa for reporting the issue. [ISC-Bugs #43185] - Eliminated a noisy, but otherwise harmless debug log statment that may appear during server startup when building with --enable-binary-leases and configuring multiple pools in a shared network. Thanks to Fernando Soto from BlueCat Networks for reporting the issue and supplying a patch. [ISC-Bugs #43262] - Fixed util/bindvar.sh error handling. [ISC-Bugs #41973] - Correct error message in relay to use remote id length instead of circuit id length. [ISC-Bugs #42556] - Add logic to test directory Makefiles to avoid copying Attfile(s) when building within the source tree. This eliminates a noisy but otherwise harmless error message when running "make check". [ISC-Bugs #41883] - Leases are now scrubbed of certain prior use information when pool re-balancing reassigns them from one FO peer to the other. This corrects an issue where leases that were offered but not used by the client retained the client hostname from the original client. Thanks to Pavel Polacek, Jan Evangelista Purkyne University for reporting the issue. [ISC-Bugs #42008] - In the LDAP code and schema add some missing '6' characters to use the v6 instead of the v4 versions. Thanks to Denis Taranushin for reporting this issue and supplying its patch. [ISC-Bugs #42666] - Correct how the pick-first-value expression is written to a lease file. Previously it was written as a concat expression due to a cut and paste error. [ISC-Bugs #42253] - Modify the DDNS code to clean up the PTR record even if there are issues while cleaning up the A or AAAA records. [ISC-Bugs #23954] - Added global configuration parameter, abandon-lease-time, which determines the amount of time a lease remains abandoned. The default is 84600 seconds. Additionaly, the server now conducts a ping check (if ping checks are enabled) prior to offering an abandoned lease to client. Our thanks to David Zych at University of Illinois for reporting the issue and working with us to produce a viable solution. [ISC-Bugs #41815] - Correct handling of interface names during interface discovery. This addresses an issue where interface names of 15 characters in length could lead to crashes or interface recognition errors during startup of dhcpd, dhclient, and dhcrelay. [ISC-Bugs #42226] - Updates to contrib/dhcp-lease-list.pl to make it more friendly. The updates are: looking for the lease file in more places and skipping the "processing complete" output when creating machine readable output. Thanks to Cameron Paine (cbp at null dot net) for the patch. [ISC-Bugs #42113] - When reusing a lease for dhcp-cache-threshold return the hostname to the original lease. Also if the host pointer, UID or hardware address change don't allow reuse of the lease. Thanks to Michael Vincent for reporting this and helping us verify the problem and fix. [ISC-Bugs #42849] - Change dmalloc to use a size_t as the length argument to bring it in line with the call it will make to malloc(). [ISC-Bugs #40843] - If the failover socket can't be bound, close it. Otherwise if the user configures an incorrect address in the failover stanza the server will continue to open new sockets every 90 seconds until it runs out. [ISC-Bugs #42452] - Add DHCPv4-mode, dhcrelay command line options, "-iu" and "-id", that allow interfaces to be upstream or downstream respectively. Upstream interfaces will accept and forward only BOOTP replies, while downstream interfaces will accept and forward only BOOTP requests. [ISC-Bugs #41547] - Clean up some memory references in the vendor-class construct. [ISC-Bugs #42984] [*0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch, * 0011-Fixed-linux-interface-discovery-using-getifaddrs.patch, * 0013-dhcp-4.2.x-dhcpv6-decline-on-DAD-failure.872609.patch, * 0016-infiniband-support.patch, * 0017-server-no-success-report-before-send.919959.patch] * Mon Jul 03 2017 zaitor@opensuse.org - Set all requested dhcp options on a single line, so they are actually requested (boo#1046969, boo#1047004). * Mon Mar 13 2017 ndas@suse.de - Relax permission of dhclient-script for libguestfs(bsc#987170) * Fri Feb 10 2017 kukuk@suse.de - Require insserv only if needed - Fix requires of client subpackage * Thu Aug 04 2016 ralf.habacker@freenet.de - Add config file for registering dhcp server in slp (bsc#992072) * Thu May 19 2016 mchandras@suse.de - Use /usr/sbin/arping instead of /sbin/arping in the dhcp scripts. /sbin/arping is a symlink to /usr/sbin/arping in order to ease the transition for the /usr merge. Newest releases of iputils may only install utilities in /usr/* so this dependency will no longer be valid. Moreover, we replace the '/sbin/arping' dependency with 'iputils'. * Tue Jan 26 2016 ndas@suse.de - Update to dhcp-4.3.3-P1 correcting bounds checking when receiving a packet (bsc#961305,CVE-2015-8605,ISC-Bugs#41267). - adjusted interval check. [*0019-dhcp-4.2.4-P1-interval.patch] - Fixed improper lease duration checking. Also added fixes for integer overflows in the date and time handling code(bsc#936923, bsc#880984). [+0020-dhcp-4.x.x-fixed-improper-lease-duration-checking.patch] - fixed service files to start dhcpd after slapd (bsc#956159) - dhclient-script: complain in the log about conflicts, added a see log messages to the dhclient log message (bsc#960506) [* 0018-client-fail-on-script-pre-init-error-bsc-912098.patch] * Tue Oct 13 2015 mt@suse.de - Applied a patch by Jiri Popelka catching dhcp server aborts with "Unable to set up timer: out of range" on very long or infinite timer intervals / lease lifetimes (bsc#947780) [+ 0019-dhcp-4.2.4-P1-interval.patch] - Corrected patch references in and a missed (bsc#919959) patch description in previous changelog entry. * Mon Sep 14 2015 mt@suse.de - Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete changelog, please read the RELNOTES file shipped along with this package or online at: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Adjusted patch numbers in the spec file: [- 0008-dhcp-4.1.1-P1-lpf-bind-msg-fix.patch, - 0010-dhcp-4.2.2-dhclient-option-checks.patch, - 0011-dhcp-4.2.6-close-on-exec.patch, - 0012-dhcp-4.2.2-quiet-dhclient.patch, - 0014-Fixed-linux-interface-discovery-using-getifaddrs.patch, - 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch, - 0024-dhcp-4.2.x-dhcpv6-decline-on-DAD-failure.872609.patch, + 0007-dhcp-4.1.1-P1-lpf-bind-msg-fix.patch, + 0008-dhcp-4.2.2-dhclient-option-checks.patch, + 0009-dhcp-4.2.6-close-on-exec.patch, + 0010-dhcp-4.2.2-quiet-dhclient.patch, + 0011-Fixed-linux-interface-discovery-using-getifaddrs.patch, + 0012-dhcp-4.2.x-chown-server-leases.bnc868253.patch, + 0013-dhcp-4.2.x-dhcpv6-decline-on-DAD-failure.872609.patch] - Fixed to not pass DHCPv6 address lifetimes a positive (unsigned 32bit) integers to scripts and properly format timestamps as long to not break them on 64bit architectures (bsc#926159). [+ 0014-dhclient6-unsigned-lifetimes-for-script-bsc-926159.patch] - dhclient: expose next-server DHCPv4 option to script (bsc#928390) [+ 0015-Expose-next-server-DHCPv4-option-to-dhclient-script.patch] - Replaced infiniband support patch with fixed variant (bsc#910984): [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch, - 0018-dhcp-4.2.6-improved-xid.patch, - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0016-infiniband-support.patch] - Moved dhcp-devel package include files and static libraries to /usr/include/dhcp and /usr/lib/dhcp subdirectories. DHCP requires a specific bind library version and conflicts with the files shipped by bind-devel package, which is not source and binary compatible (bsc#910686). - Corrected changes to provide complete patch file references. - Fixed server to not report success before send (bsc#919959) [+ 0017-server-no-success-report-before-send.919959.patch] - Fixed dhclient to check pre-init results reported by dhclient-script and fail if pre-init fails for a requested interface (bsc#912098). [+ 0018-client-fail-on-script-pre-init-error-bsc-912098.patch] * Tue Feb 03 2015 coolo@suse.com - do not check scripts not in the src.rpm * Wed Dec 10 2014 mt@suse.de - Applied fix by Jiri Slaby to not crash in interface discovery when the interface address is NULL, which has been introduced by the infiniband support patch (bsc#909189,bsc#870535). [+ 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch] * Tue Dec 09 2014 ledest@gmail.com - fix bashisms in dhcprelay script * Thu Nov 20 2014 mt@suse.de - Applied contrib/ldap/dhcpd-conf-to-ldap patch by Ales Novak to reorder config to add all global options or option declarations to the dhcpService object instead to create new service object (bsc#886094,ISC-Bugs#37876). [+ 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch] - Applied an upstream patch by Thomas Markwalder adding missed mapping of SHA TSIG algorithm names to their constants to enable hmac-sha1, hmac_sha224, hmac_sha256, hmac_sha384 and hmac_sha512 authenticated dynamic DNS updates (bsc#890731, ISC-Bugs#36947). [+ 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch] - Decline IPv6 addresses on Duplicate Address Detection failure and stop client message exchanges on reached MRD rather than at some point after it. Applied fedora patches by Jiri Popelka and added DAD reporting via exit 3 to the dhclient-script and a fix to use correct address variables in the DEPREF6 action (bsc#872609,ISC-Bugs#26735,ISC-Bugs#21238). [+ 0024-dhcp-4.2.x-dhcpv6-decline-on-DAD-failure.872609.patch, + 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch] - Applied backport patch by William Preston avoiding to bind ddns socket in the server when ddns-update-style is none (bsc#891655). [+ 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Applied patch for the contrib/ldap/dhcpd-conf-to-ldap script fixing subclass statement handling (bnc#878846,[ISC-Bugs #36409]) [+ 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch] - Updated licence statement and FSF address in our scripts. - Added missed service_add_pre macro calls for dhcrelay services * Fri Nov 14 2014 dimstar@opensuse.org - No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.
/etc/sysconfig/SuSEfirewall2.d/services/dhcp-server /etc/sysconfig/SuSEfirewall2.d/services/dhcp6-server /usr/bin/omshell /usr/share/man/man1/omshell.1.gz /usr/share/man/man5/dhcp-eval.5.gz /usr/share/man/man5/dhcp-options.5.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:17:49 2024