From nobody@FreeBSD.org  Sat Jul 18 18:51:37 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B42CA106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 18 Jul 2009 18:51:37 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id A324A8FC12
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 18 Jul 2009 18:51:37 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n6IIpbpR043007
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 18 Jul 2009 18:51:37 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id n6IIpbdV043006;
	Sat, 18 Jul 2009 18:51:37 GMT
	(envelope-from nobody)
Message-Id: <200907181851.n6IIpbdV043006@www.freebsd.org>
Date: Sat, 18 Jul 2009 18:51:37 GMT
From: Josh Paetzel <jpaetzel@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [patch] Fix SA in net/isc-dhcp30*
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         136891
>Category:       ports
>Synopsis:       [patch] Fix SA in net/isc-dhcp30*
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jpaetzel
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jul 18 19:00:09 UTC 2009
>Closed-Date:    Wed Jul 22 00:12:49 UTC 2009
>Last-Modified:  Wed Jul 22 00:20:05 UTC 2009
>Originator:     Josh Paetzel
>Release:        8.0-CURRENT
>Organization:
>Environment:
FreeBSD virt80.tcbug.org 8.0-CURRENT FreeBSD 8.0-CURRENT #1: Sat Jun 13 10:21:06 UTC 2009     root@virt80.tcbug.org:/usr/obj/usr/src/sys/VIRT80  amd64
>Description:
This patch addresses http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html
and applies 3rd party fixes to the unmaintained 3.0.7 version of ISC's DHCP implimentation
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Index: isc-dhcp30-server/Makefile
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp30-server/Makefile,v
retrieving revision 1.134
diff -u -r1.134 Makefile
--- isc-dhcp30-server/Makefile	27 Jun 2009 17:35:08 -0000	1.134
+++ isc-dhcp30-server/Makefile	18 Jul 2009 13:37:27 -0000
@@ -20,7 +20,7 @@
 COMMENT?=	The ISC Dynamic Host Configuration Protocol server
 
 PORTREVISION_SERVER=	5
-PORTREVISION_CLIENT=	0
+PORTREVISION_CLIENT=	1
 PORTREVISION_RELAY=	0
 PORTREVISION_DEVEL=	0
 
Index: isc-dhcp30-server/files/patch-client::dhclient.c
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp30-server/files/patch-client::dhclient.c,v
retrieving revision 1.6
diff -u -r1.6 patch-client::dhclient.c
--- isc-dhcp30-server/files/patch-client::dhclient.c	13 Oct 2008 11:10:11 -0000	1.6
+++ isc-dhcp30-server/files/patch-client::dhclient.c	18 Jul 2009 13:36:49 -0000
@@ -1,5 +1,5 @@
---- client/dhclient.c.orig	2008-01-22 17:28:23.000000000 +0000
-+++ client/dhclient.c	2008-05-26 08:17:53.000000000 +0000
+--- client/dhclient.c.orig	2008-01-22 12:28:23.000000000 -0500
++++ client/dhclient.c	2009-07-15 15:02:28.000000000 -0400
 @@ -38,6 +38,13 @@
  #include "dhcpd.h"
  #include "version.h"
@@ -242,7 +242,19 @@
  	add_timeout (cur_time + client -> interval,
  		     send_request, client, 0, 0);
  }
-@@ -2624,6 +2734,13 @@
+@@ -2509,8 +2619,9 @@
+ 					 (struct option_state *)0,
+ 					 lease -> options,
+ 					 &global_scope, oc, MDL)) {
+-		if (data.len > 3) {
+-			struct iaddr netmask, subnet, broadcast;
++		struct iaddr netmask;
++		if (data.len > 3 && data.len <= sizeof(netmask.iabuf)) {
++			struct iaddr subnet, broadcast;
+ 
+ 			memcpy (netmask.iabuf, data.data, data.len);
+ 			netmask.len = data.len;
+@@ -2624,6 +2735,13 @@
  		 */
  		if (leaseFile != NULL)
  			fclose(leaseFile);
@@ -256,7 +268,7 @@
  		execve (scriptName, argv, envp);
  		log_error ("execve (%s, ...): %m", scriptName);
  		exit (0);
-@@ -2810,8 +2927,10 @@
+@@ -2810,8 +2928,10 @@
  			      case S_STOPPED:
  				break;
  			}
@@ -267,7 +279,7 @@
  		}
  	}
  }
-@@ -3039,7 +3158,9 @@
+@@ -3039,7 +3159,9 @@
  		    break;
  
  		  case server_awaken:
@@ -277,7 +289,7 @@
  		    break;
  		}
  	    }
-@@ -3177,3 +3298,265 @@
+@@ -3177,3 +3299,265 @@
  	data_string_forget (&ddns_dhcid, MDL);
  	return rcode;
  }
Index: isc-dhcp30-client/Makefile
===================================================================
RCS file: /home/ncvs/ports/net/isc-dhcp30-client/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- isc-dhcp30-client/Makefile	15 Jul 2009 23:11:07 -0000	1.5
+++ isc-dhcp30-client/Makefile	18 Jul 2009 13:37:49 -0000
@@ -8,8 +8,6 @@
 
 COMMENT=	The ISC Dynamic Host Configuration Protocol client
 
-FORBIDDEN=	http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html
-
 # Local variables
 #
 


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->jpaetzel 
Responsible-Changed-By: wxs 
Responsible-Changed-When: Sat Jul 18 23:41:30 UTC 2009 
Responsible-Changed-Why:  
Over to maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136891 
State-Changed-From-To: open->closed 
State-Changed-By: jpaetzel 
State-Changed-When: Wed Jul 22 00:12:27 UTC 2009 
State-Changed-Why:  
Committed, thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136891 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/136891: commit references a PR
Date: Wed, 22 Jul 2009 00:12:14 +0000 (UTC)

 jpaetzel    2009-07-22 00:11:48 UTC
 
   FreeBSD ports repository
 
   Modified files:
     net/isc-dhcp30-server Makefile 
     net/isc-dhcp30-server/files patch-client::dhclient.c 
     security/vuxml       vuln.xml 
   Log:
   Fix security advsory with patches from Ubuntu project.
   http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html
   
   PR:     ports/136891
   Submitted by:   wxs@
   Reviewed by:    simon@
   Approved by:    itetcu@ (mentor)
   
   Revision  Changes    Path
   1.135     +1 -1      ports/net/isc-dhcp30-server/Makefile
   1.7       +18 -6     ports/net/isc-dhcp30-server/files/patch-client::dhclient.c
   1.1985    +3 -2      ports/security/vuxml/vuln.xml
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
