Hi, Attached is a debdiff of the changes I made for 3.1.2p1-1.1 2-day NMU
Cheers, Giuseppe
diff -u dhcp3-3.1.2p1/debian/changelog dhcp3-3.1.2p1/debian/changelog --- dhcp3-3.1.2p1/debian/changelog +++ dhcp3-3.1.2p1/debian/changelog @@ -1,3 +1,11 @@ +dhcp3 (3.1.2p1-1.1) unstable; urgency=high + + * Non-maintainer upload by the testing Security Team. + * Add patch from Christoph Biedl to fix server assert involving client + IDs and hardware addresses (CVE-2009-1892) (Closes: #549584) + + -- Giuseppe Iuculano <iucul...@debian.org> Sun, 04 Oct 2009 17:41:00 +0200 + dhcp3 (3.1.2p1-1) unstable; urgency=high * New upstream release diff -u dhcp3-3.1.2p1/debian/patches/00list dhcp3-3.1.2p1/debian/patches/00list --- dhcp3-3.1.2p1/debian/patches/00list +++ dhcp3-3.1.2p1/debian/patches/00list @@ -23,0 +24,2 @@ +#security +server-clientid-crash.dpatch only in patch2: unchanged: --- dhcp3-3.1.2p1.orig/debian/patches/server-clientid-crash.dpatch +++ dhcp3-3.1.2p1/debian/patches/server-clientid-crash.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## server-clientid-crash.dpatch by Christoh Biedl <debian.packages.h...@manchmal.in-ulm.de> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Server assert involving client IDs (CVE-2009-1892) + +...@dpatch@ +diff -urNad dhcp3~/server/dhcp.c dhcp3/server/dhcp.c +--- dhcp3~/server/dhcp.c 2008-09-11 18:16:29.000000000 +0200 ++++ dhcp3/server/dhcp.c 2009-10-04 16:30:42.000000000 +0200 +@@ -1747,6 +1747,8 @@ + host_reference (&host, h, MDL); + } + if (!host) { ++ if (hp) ++ host_dereference (&hp, MDL); + find_hosts_by_haddr (&hp, + packet -> raw -> htype, + packet -> raw -> chaddr,
signature.asc
Description: OpenPGP digital signature