starlingx
/
integ
Code Issues Proposed changes
integ/base/dhcp/debian
History
Zhixiong Chi dcb205850c isc-dhcp: fix CVE-2022-2929 
Backport the source patch from the version 4.4.1-2.3+deb11u2.
[https://sources.debian.org/src/isc-dhcp/4.4.1-2.3+deb11u2/debian/patches/CVE-2022-2929.patch]

Refer to:
https://security-tracker.debian.org/tracker/DSA-5251-1
It refers to two issues, CVE-2022-2928 and CVE-2022-2929.
CVE-2022-2928 has been fixed in
[https://review.opendev.org/c/starlingx/integ/+/865278]

Pass: build-pkgs -c -p isc-dhcp
Pass: build-pkgs -a
Pass: build-image
Pass: Debian AIO jenkins installation

Issue is very difficult to reproduce, so we are simply focused on
making sure that this doesn't break anything.

Closes-Bug: 2043434

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Change-Id: Ie9148ea007526160b34c57df5f98d776c04dbe3a
 		2023-11-13 23:54:17 -05:00
..
deb_patches Debian: use DHCPv6 FQDN hostname field to set hostname 2022-09-06 17:19:33 -03:00
patches isc-dhcp: fix CVE-2022-2929 2023-11-13 23:54:17 -05:00
meta_data.yaml Add debian package for dhcp 2021-11-12 08:58:34 +08:00