-
isc-dhcp (4.4.1-2.1ubuntu5.20.04.5) focal; urgency=medium
[ Mauricio Faria de Oliveira ]
* Prevent race condition that might ignore DHCP OFFERs/ACKs
when dhclient receives DHCP traffic noise. (LP: #1926139)
The previous/racy behavior can be switched back on with
the 'DHCP_FD_FLAGS_POKE=0' environment variable or
the 'dhcp.fd_flags_poke=0' kernel cmdline option.
- d/p/lp1926139-watch-socket-fd-later.patch: fix, switches.
- d/apparmor/sbin.dhclient,usr.sbin.dhcpd: /proc/cmdline r.
[ Steve Langasek ]
* Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
in the initramfs. (LP: #1937110)
- d/initramfs-tools/share/hooks/zz-dhclient: copy_exec it.
-- Mauricio Faria de Oliveira <email address hidden> Tue, 31 Jan 2023 19:10:35 -0300
-
isc-dhcp (4.4.1-2.1ubuntu5.20.04.4) focal-security; urgency=medium
* SECURITY UPDATE: option refcount overflow
- debian/patches/CVE-2022-2928.patch: correct reference counts in
common/options.c, common/tests/option_unittest.c.
- CVE-2022-2928
* SECURITY UPDATE: DHCP memory leak
- debian/patches/CVE-2022-2929.patch: properly free memory when hitting
errors in common/options.c.
- CVE-2022-2929
-- Marc Deslauriers <email address hidden> Tue, 04 Oct 2022 08:36:23 -0400
-
isc-dhcp (4.4.1-2.1ubuntu5.20.04.3) focal; urgency=medium
* d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors (LP: #1918410)
-- Lukas Märdian <email address hidden> Tue, 21 Jun 2022 12:44:45 +0200
-
isc-dhcp (4.4.1-2.1ubuntu5.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: DoS via incorrect option information parsing
- debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
- CVE-2021-25217
-- Marc Deslauriers <email address hidden> Tue, 25 May 2021 06:50:22 -0400
-
isc-dhcp (4.4.1-2.1ubuntu5.20.04.1) focal; urgency=medium
* Fix env variable for INTERFACES (LP: #1894172)
- d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
respective services file.
-- Utkarsh Gupta <email address hidden> Tue, 09 Mar 2021 20:49:45 +0530
-
isc-dhcp (4.4.1-2.1ubuntu5) focal; urgency=medium
* debian/apparmor/usr.sbin.dhcpd: also allow write on /proc/*/comm and
/proc/*/task/*/comm (LP: #1870729)
-- Jamie Strandboge <email address hidden> Fri, 10 Apr 2020 17:21:12 +0000
-
isc-dhcp (4.4.1-2.1ubuntu4) focal; urgency=medium
* debian/apparmor/usr.sbin.dhcpd: allow owner read on /proc/*/comm and
/proc/*/task/*/comm (LP: #1870729)
-- Jamie Strandboge <email address hidden> Mon, 06 Apr 2020 21:58:35 +0000
-
isc-dhcp (4.4.1-2.1ubuntu3) focal; urgency=medium
* debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
(LP: #1850820)
-- Marc Deslauriers <email address hidden> Wed, 11 Mar 2020 09:16:03 -0400
-
isc-dhcp (4.4.1-2.1ubuntu2) focal; urgency=medium
* No-change rebuild for new bind 9.11.16 libs.
-- Andreas Hasenack <email address hidden> Tue, 25 Feb 2020 17:36:58 -0300
-
isc-dhcp (4.4.1-2.1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/control: Add libcap-dev build dependency.
- Apparmor profiles for dhclient and dhcpd.
- Apport hook for isc-dhcp-client and isc-dhcp-server.
- Add systemd units for -server and -relay.
- If /etc/ltsp/dhcpd.conf exists, use that instead of
/etc/dhcp/dhcpd.conf.
- Create user/group dhcpd and make isc-dhcp-server depend on adduser.
- isc-dhcp-server: Suggest policycoreutils instead of recommending it.
- Create /etc/dhcp/ddns-keys/ for DDNS updates.
- Increase the timeout to 300 seconds for dhclient.conf (following the
default added by dhclient-safer-timeout).
- Sanitize environment in dhclient-script.linux.
- add IPv6 initramfs support.
- Separate default file for isc-dhcp-relay6.
- Drop isc-dhcp-server/new_auth_behavior question from high to medium
- dhclient-script.linux: handle empty case also when waiting for ipv6 link
local DAD.
- debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
the logic for handling search domains to also write it to the output
file when only the domain name is provided by the DHCP server. Copied
code from debian/dhclient-script.linux.
- Remaining Ubuntu patches:
+ dhclient-fix-backoff
+ revert-next-server
+ multi-ip-addr-per-if
+ dhclient-safer-timeout
+ onetry_retry_after_initial_success
+ dhcp-lpf-ib.patch
+ dhcp-improved-xid.patch
+ dhcp-gpxe-cid.patch
+ dhcp-improved-xid-correct-byte-order.patch
+ dhcp-4.2.4-dhclient-options-changed.patch
+ ubuntu-dhcpd-conf.patch
- Apply patch from Alkis Georgopoulos to generate correct
net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
- Build-depend on debhelper (>= 9.20160709) for systemd support.
- Write pidfile before informing parent of success.
* Dropped changes, no longer needed:
- debian/patches/system-bind.patch: restore Ubuntu delta required for
building with -Wl,--as-needed.
isc-dhcp (4.4.1-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix FTBFS due to gcc-9 adding --as-needed by default; patch by Reiner
Herrmann (Closes: #925720)
-- Steve Langasek <email address hidden> Thu, 13 Feb 2020 22:17:32 -0800
-
isc-dhcp (4.4.1-2ubuntu6) focal; urgency=medium
* No-change rebuild for new bind 9.11.14 libs.
-- Andreas Hasenack <email address hidden> Wed, 15 Jan 2020 15:08:48 -0300
-
isc-dhcp (4.4.1-2ubuntu5) eoan; urgency=medium
* Apply patch from Alkis Georgopoulos to generate correct
net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
(LP: #1840965).
-- Michael Hudson-Doyle <email address hidden> Tue, 03 Sep 2019 10:10:56 +1200
