update to dhcpcd-6.10.0

http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d - Ensure that option length fits inside data length less option size. (can lead to an invalid read/crash via malformed dhcp responses) http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9 - dhcp_optlen now returns the length of the data we can sanely work on given the option definition and data length. Call dhcp_optlen in dhcp_envoption1 to take into ensure these bounds are not overstepped. Fixes an issue reported by Nico Golde where extra undersized data was present in the option. An example of this would be an array of uint16's with a trailing byte. (reporter says "exploitation is non-trivial, but i'd love to be proven wrong.")
2016-01-07 21:19:53 +00:00 · 2016-01-07 21:19:53 +00:00 · 62b4b52eb9
commit 62b4b52eb9
parent ac6e688019
3 changed files with 11 additions and 9 deletions
--- a/net/dhcpcd/Makefile
+++ b/net/dhcpcd/Makefile
@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.9 2015/12/04 14:23:19 sthen Exp $
+# $OpenBSD: Makefile,v 1.10 2016/01/07 21:19:53 sthen Exp $

 COMMENT=		DHCPv4/IPv4LL/IPv6RS/DHCPv6 quad stack client
-DISTNAME=		dhcpcd-6.9.4
+DISTNAME=		dhcpcd-6.10.0
 CATEGORIES=		net
 EXTRACT_SUFX=		.tar.xz

--- a/net/dhcpcd/distinfo
+++ b/net/dhcpcd/distinfo
@ -1,2 +1,2 @@
-SHA256 (dhcpcd-6.9.4.tar.xz) = w/P/dHPvFYoecdua6nQk3yw0d60GTitULyeUilq8m6A=
-SIZE (dhcpcd-6.9.4.tar.xz) = 178632
+SHA256 (dhcpcd-6.10.0.tar.xz) = q1avmy6GkTxVqWXLD4Neh3Sd94MYVkrPkNXWmPQTrTU=
+SIZE (dhcpcd-6.10.0.tar.xz) = 179804
--- a/net/dhcpcd/pkg/PLIST
+++ b/net/dhcpcd/pkg/PLIST
@ -1,19 +1,21 @@
-@comment $OpenBSD: PLIST,v 1.3 2015/09/24 15:14:11 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.4 2016/01/07 21:19:53 sthen Exp $
 libexec/dhcpcd-hooks/
 libexec/dhcpcd-hooks/01-test
 libexec/dhcpcd-hooks/02-dump
-libexec/dhcpcd-hooks/10-wpa_supplicant
-libexec/dhcpcd-hooks/15-timezone
 libexec/dhcpcd-hooks/20-resolv.conf
-libexec/dhcpcd-hooks/29-lookup-hostname
 libexec/dhcpcd-hooks/30-hostname
 libexec/dhcpcd-hooks/50-ntp.conf
-libexec/dhcpcd-hooks/50-ypbind
 libexec/dhcpcd-run-hooks
@man man/man5/dhcpcd.conf.5
@man man/man8/dhcpcd-run-hooks.8
@man man/man8/dhcpcd.8
@bin sbin/dhcpcd
+share/dhcpcd/
+share/dhcpcd/hooks/
+share/dhcpcd/hooks/10-wpa_supplicant
+share/dhcpcd/hooks/15-timezone
+share/dhcpcd/hooks/29-lookup-hostname
+share/dhcpcd/hooks/50-ypbind
 share/doc/pkg-readmes/${FULLPKGNAME}
 share/examples/dhcpcd/
 share/examples/dhcpcd/dhcpcd.conf