Age | Commit message (Collapse) | Author |
|
Changes since 4.2.3
! Add a check for a null pointer before calling the regexec function.
Without this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks.
[ISC-Bugs #26704].
CVE: CVE-2011-4539
! Modify the DDNS handling code. In a previous patch we added logging
code to the DDNS handling. This code included a bug that caused it
to attempt to dereference a NULL pointer and eventually segfault.
While reviewing the code as we addressed this problem, we determined
that some of the updates to the lease structures would not work as
planned since the structures being updated were in the process of
being freed: these updates were removed. In addition we removed an
incorrect call to the DDNS removal function that could cause a failure
during the removal of DDNS information from the DNS server.
Thanks to Jasper Jongmans for reporting this issue.
[ISC-Bugs #27078]
CVE: CVE-2011-4868
- Fixed the code that checks if an address the server is planning
to hand out is in a reserved range. This would appear as
the server being out of addresses in pools with particular ranges.
[ISC-Bugs #26498]
- In the DDNS code handle error conditions more gracefully and add more
logging code. The major change is to handle unexpected cancel events
from the DNS client code.
[ISC-Bugs #26287].
- Tidy up the receive calls and eliminate the need for found_pkt
[ISC-Bugs #25066]
- Add support for Infiniband over sockets to the server and
relay code. We've tested this on Solaris and hope to expand
support for Infiniband in the future. This patch also corrects
some issues we found in the socket code. [ISC-Bugs #24245]
- Add a compile time check for the presence of the noreturn attribute
and use it for log_fatal if it's available. This will help code
checking programs to eliminate false positives.
[ISC-Bugs #27539]
- Fixed many compilation problems ("set, but not used" warnings) for
gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588]
- Modify the code that determines if an outstanding DDNS request
should be cancelled. This patch results in cancelling the
outstanding request less often. It fixes the problem caused
by a client doing a release where the txt and ptr records
weren't removed from the DNS.
[ISC-BUGS #27858]
- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet
and dhcpv6_packet in several more places. Thanks to a report from
Bruno Verstuyft and Vincent Demaertelaere of Excentis.
[ISC-Bugs #27941]
- Remove outdated note in the bootp keyword about the option not satisfying
the requirement of failover peers for denying dynamic bootp clients.
[ISC-bugs #28574]
- Multiple items to clean up IPv6 address processing.
When processing an IA that we've seen check to see if the
addresses are usable (not in use by somebody else) before
handing it out.
When reading in leases from the file discard expired addresses.
When picking an address for a client include the IA ID in
addition to the client ID to generally pick different addresses
for different IAs.
[ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586]
[ISC-Bugs #27684]
- Remove unnecessary checks in the lease query code and clean up
several compiler issues (some dereferences of NULL and treating
an int as a boolean).
[ISC-Bugs #26203]
- Fix the NA and PD allocation code to handle the case where a client
provides a preference and the server doesn't have any addresses or
prefixes available. Previoulsy the server ignored the request with
this patch it replies with a NoAddrsAvail or NoPrefixAvai respone.
By default the code performs according to the errata of August 2010
for RFC 3315 section 17.2.2, to enable the previous style see the
seciton on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option
may be removed in the future.
Thanks to Jiri Popelka at Red Hat for the patch.
[ISC-Bugs #22676]
- Fix up some issues found by static analysis
A potential memory leak and NULL dereference in omapi.
The use of a boolean test instead of a bitwise test in dst.
[ISC-Bugs #28941]
Signed-off-by: Bjørn Mork <bjorn@mork.no>
|
|
Changes since 4.2.3
! Add a check for a null pointer before calling the regexec function.
Without out this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks.
[ISC-Bugs #26704].
CVE: CVE-2011-4539
Signed-off-by: Bjørn Mork <bjorn@mork.no>
|
|
From: Shawn Routhier <sar@isc.org>
Subject: ISC DHCP 4.2.3 is now available for download
To: df-announce@isc.org, dhcp-announce@isc.org, dhcp-workers@lists.isc.org, Users of ISC DHCP <dhcp-users@lists.isc.org>
Date: Wed, 19 Oct 2011 16:18:28 -0700
Organization: ISC
Reply-To: Users of ISC DHCP <dhcp-users@lists.isc.org>
ISC DHCP 4.2.3 is now available for download.
This is the public release of ISC DHCP 4.2.3, a maintenance
release which contains a small number of bug fixes.
A list of the changes in this release has been appended to the end
of this message. For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:
http://www.isc.org/software/dhcp/423
This release, and its OpenPGP-signatures are available now from:
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.3/dhcp-4.2.3.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.3/dhcp-4.2.3.tar.gz.sha512.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.3/dhcp-4.2.3.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.3/dhcp-4.2.3.tar.gz.sha1.asc
ISC's Release Signing Key can be obtained at:
http://www.isc.org/about/openpgp/
Changes since 4.2.3rc1
- None.
Changes since 4.2.2
- Fix the code that checks for an existing DDNS transaction to cancel
when removing DDNS information, so that we will continue with the
processing if we have a lease even if it doesn't have an outstanding
transaction. [ISC-Bugs #24682]
- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
configuration files. [ISC-Bugs #24107]
- Add support for passing DDNS information to a DNS server over
an IPv6 address. [ISC-Bugs #22647]
- Enhanced patch for 23595 to handle IPv4 fixed addresses more
cleanly. [ISC-Bugs #23595]
Signed-off-by: Bjørn Mork <bjorn@mork.no>
|
|
Signed-off-by: Bjørn Mork <bjorn@mork.no>
|