rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
dhcp: add upstream security fixes
author Baruch Siach <baruch@tkos.co.il>
Sat, 3 Mar 2018 19:43:56 +0000 (21:43 +0200)
committer Peter Korsgaard <peter@korsgaard.com>
Tue, 10 Apr 2018 20:11:45 +0000 (22:11 +0200)
commit 744ed3cb4c83308108ec110cffa05cdc33708076
tree 0552d756af3a27d12ef791f69c37b5d255413948
parent ac20047cfeee20ac1760b89dcdbb76146f3ff633
dhcp: add upstream security fixes

CVE-2018-5732: The DHCP client incorrectly handled certain malformed
responses. A remote attacker could use this issue to cause the DHCP
client to crash, resulting in a denial of service, or possibly execute
arbitrary code. In the default installation, attackers would be isolated
by the dhclient AppArmor profile.

CVE-2018-5733: The DHCP server incorrectly handled reference counting. A
remote attacker could possibly use this issue to cause the DHCP server
to crash, resulting in a denial of service.

Both issues are fixed in version 4.4.1. But we are close to release, so
backport the fixes instead of bumping version.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 047cec5993223944d0765468f11aa137d3ade543)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch [new file with mode: 0644]
package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch [new file with mode: 0644]