From 3ffebe2f19992b4dc11b5dd0825b9395796fe692 Mon Sep 17 00:00:00 2001 From: roy Date: Fri, 26 Apr 2019 14:39:23 +0000 Subject: Import dhcpcd-7.2.1 with the following changes: * Solaris: Many more issues fixed * OpenBSD: Don't spam syslog when cannot send NA * FreeBSD: Fix fetching IPv6 address lifetimes These security issues are also addressed: * auth: Use consttime_memequal to avoid latency attack consttime_memequal is supplied if libc does not support it dhcpcd >=6.2 <7.2.1 are vulnerable * DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED dhcpcd >=4 <7.2.1 are vulnerable * DHCPv6: Fix a potential buffer overflow reading NA/TA addresses dhcpcd >=7 <7.2.1 are vulnerable Many thanks to Maxime Villard for discovering these issues. --- net/dhcpcd/Makefile | 4 ++-- net/dhcpcd/distinfo | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'net/dhcpcd') diff --git a/net/dhcpcd/Makefile b/net/dhcpcd/Makefile index 47c21739a78..495a3f0d983 100644 --- a/net/dhcpcd/Makefile +++ b/net/dhcpcd/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.80 2019/04/17 23:47:27 roy Exp $ +# $NetBSD: Makefile,v 1.81 2019/04/26 14:39:23 roy Exp $ -DISTNAME= dhcpcd-7.2.0 +DISTNAME= dhcpcd-7.2.1 PKGNAME= ${DISTNAME:S/-rc/rc/} CATEGORIES= net MASTER_SITES= ftp://roy.marples.name/pub/dhcpcd/ diff --git a/net/dhcpcd/distinfo b/net/dhcpcd/distinfo index d063434e9de..b9998b791df 100644 --- a/net/dhcpcd/distinfo +++ b/net/dhcpcd/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.77 2019/04/17 23:47:27 roy Exp $ +$NetBSD: distinfo,v 1.78 2019/04/26 14:39:23 roy Exp $ -SHA1 (dhcpcd-7.2.0.tar.xz) = 57c3cd7059b8b429903cada2121e0f29046bcedf -RMD160 (dhcpcd-7.2.0.tar.xz) = 4cd921bf37aa9f013fb775438f36ed4c69dcea22 -SHA512 (dhcpcd-7.2.0.tar.xz) = 2ab7df53ed42cd7a274bbc9cfb9dca43a8615d9044c0e9f460c41f064ad012b436bf2fe2648dd2738e66aaefc72412cad6c59444631b650f942cba168127a79d -Size (dhcpcd-7.2.0.tar.xz) = 212532 bytes +SHA1 (dhcpcd-7.2.1.tar.xz) = f219f874d754dbc2ba7aea3e8b1b515ecd810e80 +RMD160 (dhcpcd-7.2.1.tar.xz) = bbca5a18916f973d6304f61316c145bf7738068f +SHA512 (dhcpcd-7.2.1.tar.xz) = 11c3ef6d3ee49e147aa44725aa1ac0cddff70a268908439fe91990e135175d063e3d65ab587e1780e4f6f0739cf33873a58ffea0a3130d1bfb5598f9f11ec5a3 +Size (dhcpcd-7.2.1.tar.xz) = 213652 bytes -- cgit v1.2.3