- Update from version 10.0.2 to 10.0.4 - Update of rootfile not required - Two patches removed as the fixes have been included in the source tarball - Changelog 10.0.4 privsep: allow __NR_mmap2 call by @olegartys in #253 privsep: allow __NR_clock_gettime32 syscall by @olegartys in #254 compat/arc4random.c: use memset instead of explicit_bzero by @ffontaine in #252 privsep: avoid SIGPIPE errors when scripts write to stderr/stdout after dhcpcd is daemonised 10.0.3 Do not crash on dhcpcd test run by @pemensik in #231 Add automated CI builds for Ubuntu, OpenBSD, FreeBSD and NetBSD by @tobhe in #229 dhcpcd: Fix off-by-one overflow when read() writes full BUFSIZ by @tobhe in #236 privsep: fix strlcpy overflow in psp_ifname by @tobhe in #239 ci: execute tests after successful build by @tobhe in #243 compat: update arc4random() to newer chacha20 based version from OpenBSD by @tobhe in #227 Support libcrypto for hmac and sha256 by @tobhe in #223 Use a local variable instead of the optind by @gotthardp in #86 Send correct amount of used buffer for prefix exclude option by @ctomahogh in #250 compat: use OpenSSL RAND_priv_bytes() for entropy by @tobhe in #248
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/dhcpcd | 6 ++-- ....2-fix-off-by-one-overflow-when-read.patch | 26 ----------------- ...p-fix-strlcpy-overflow-in-psp-ifname.patch | 28 ------------------- 3 files changed, 2 insertions(+), 58 deletions(-) delete mode 100644 src/patches/dhcpcd-10.0.2-fix-off-by-one-overflow-when-read.patch delete mode 100644 src/patches/dhcpcd-10.0.2-privsep-fix-strlcpy-overflow-in-psp-ifname.patch
diff --git a/lfs/dhcpcd b/lfs/dhcpcd index 2323b6104..da832046a 100644 --- a/lfs/dhcpcd +++ b/lfs/dhcpcd @@ -24,7 +24,7 @@
include Config
-VER = 10.0.2 +VER = 10.0.4
THISAPP = dhcpcd-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 999033b4c0bc46943332b0b7ed3f1869ad54e2c37346523a15fbd3d9f29db1e01c1ddd0a300826021d3e20493ea06358ef47ac6a02c50331ca0d90e31a123b85 +$(DL_FILE)_BLAKE2 = 770ee398eccff20cd4a37f89b841f8d580d9a42b456d93673ab3bf6ddf1ed0e49feda47ea8c1206a8a8582bccde80f45c3efbf2e1d0e493b06f04e2c6df876af
install : $(TARGET)
@@ -71,8 +71,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcpcd-10.0.2-Allow-free-selection-of-MTU-by-the-user.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcpcd-10.0.2-fix-off-by-one-overflow-when-read.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcpcd-10.0.2-privsep-fix-strlcpy-overflow-in-psp-ifname.patch cd $(DIR_APP) && ./configure \ --prefix="" \ --sysconfdir=/var/ipfire/dhcpc \ diff --git a/src/patches/dhcpcd-10.0.2-fix-off-by-one-overflow-when-read.patch b/src/patches/dhcpcd-10.0.2-fix-off-by-one-overflow-when-read.patch deleted file mode 100644 index 9e9cf3695..000000000 --- a/src/patches/dhcpcd-10.0.2-fix-off-by-one-overflow-when-read.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f798bf23af8e5a0eae38931912e2b67e1d45aca4 Mon Sep 17 00:00:00 2001 -From: Tobias Heider tobhe@users.noreply.github.com -Date: Sat, 12 Aug 2023 21:59:21 +0200 -Subject: [PATCH] dhcpcd: Fix off-by-one overflow when read() writes full - BUFSIZ (#236) - ---- - src/dhcpcd.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/dhcpcd.c b/src/dhcpcd.c -index e06733d3..688a3a6d 100644 ---- a/src/dhcpcd.c -+++ b/src/dhcpcd.c -@@ -1822,7 +1822,7 @@ dhcpcd_stderr_cb(void *arg, unsigned short events) - if (!(events & ELE_READ)) - return; - -- len = read(ctx->stderr_fd, log, sizeof(log)); -+ len = read(ctx->stderr_fd, log, sizeof(log) - 1); - if (len == -1) { - if (errno != ECONNRESET) - logerr(__func__); --- -2.39.2 - diff --git a/src/patches/dhcpcd-10.0.2-privsep-fix-strlcpy-overflow-in-psp-ifname.patch b/src/patches/dhcpcd-10.0.2-privsep-fix-strlcpy-overflow-in-psp-ifname.patch deleted file mode 100644 index 07c87017e..000000000 --- a/src/patches/dhcpcd-10.0.2-privsep-fix-strlcpy-overflow-in-psp-ifname.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001 -From: Tobias Heider tobhe@users.noreply.github.com -Date: Tue, 15 Aug 2023 18:06:48 +0200 -Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239) - -When running our Ubuntu tests with libc6 and strlcpy overflow checks -enabled we found that the wrong size is passed to strlcpy resulting -in a crash because of an overflow. ---- - src/privsep.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/privsep.c b/src/privsep.c -index b11c0351..cfe54742 100644 ---- a/src/privsep.c -+++ b/src/privsep.c -@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid) - #endif - - if (!(ctx->options & DHCPCD_MANAGER)) -- strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name)); -+ strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname)); - TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next); - return psp; - } --- -2.39.2 -