[ubuntu/lunar-proposed] isc-dhcp 4.4.3-P1-1ubuntu1 (Accepted)
Graham Inggs
ginggs at ubuntu.com
Mon Nov 28 14:42:13 UTC 2022
isc-dhcp (4.4.3-P1-1ubuntu1) lunar; urgency=medium
* Merge from Debian unstable, remaining changes:
- debian/control: Add libcap-dev build dependency.
- Apparmor profiles for dhclient and dhcpd.
- Apport hook for isc-dhcp-client and isc-dhcp-server.
- Add systemd units for -server and -relay.
- If /etc/ltsp/dhcpd.conf exists, use that instead of
/etc/dhcp/dhcpd.conf.
- Create user/group dhcpd and make isc-dhcp-server depend on adduser.
- isc-dhcp-server: Suggest policycoreutils instead of recommending it.
- Create /etc/dhcp/ddns-keys/ for DDNS updates.
- Increase the timeout to 300 seconds for dhclient.conf (following the
default added by dhclient-safer-timeout).
- Sanitize environment in dhclient-script.linux.
- add IPv6 initramfs support.
- Separate default file for isc-dhcp-relay6.
- Drop isc-dhcp-server/new_auth_behavior question from high to medium
- dhclient-script.linux: handle empty case also when waiting for ipv6 link
local DAD.
- debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
the logic for handling search domains to also write it to the output
file when only the domain name is provided by the DHCP server. Copied
code from debian/dhclient-script.linux.
- Remaining Ubuntu patches:
+ dhclient-fix-backoff
+ revert-next-server
+ multi-ip-addr-per-if
+ dhclient-safer-timeout
+ onetry_retry_after_initial_success
+ dhcp-lpf-ib.patch
+ dhcp-improved-xid.patch
+ dhcp-gpxe-cid.patch
+ dhcp-improved-xid-correct-byte-order.patch
+ dhcp-4.2.4-dhclient-options-changed.patch
+ ubuntu-dhcpd-conf.patch
- Apply patch from Alkis Georgopoulos to generate correct
net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
- Write pidfile before informing parent of success.
- Ship dhcp exit hook to push DNS information to resolved. LP #1889068
- debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
/proc/*/task/*/comm (LP #1870729)
- debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
(LP #1850820)
- debian/rules: build with -fno-strict-aliasing.
- debian/rules: Build with -O2 instead on -O3 on ppc64el
- Fix env variable for INTERFACES
+ d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
respective services file.
- Stop building the udeb on request.
- debian/resolved: chown $statedir to systemd-resolve
- d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors
- Disable make_resolv_conf() if systemd-resolved is in use.
- Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in
the initramfs.
- debian/rules: update to use dh_installsystemd.
- debian/control: add Pre-Depends: ${misc:Pre-Depends} for
init-system-helpers.
- drop shebang line from apport hooks; these are sourced not executed
and /usr/bin/python as an interpreter just confuses things.
- debian/isc-dhcp-server.postinst: dhcpd user home directory on new
installs should be /run, not /var/run. No handling of migration at this
time.
- debian/patches/bind-outdated-config.guess.patch: run autoreconf in
the bind directory.
- Reorder the initramfs hook so that all files end up in the right
directories.
* Dropped patches, included upstream:
- debian/patches/CVE-2022-2928.patch
- debian/patches/CVE-2022-2929.patch
isc-dhcp (4.4.3-P1-1) unstable; urgency=low
* New upstream version 4.4.3-P1
* Remove no longer needed CVE-2022-2928.patch and CVE-2022-2929.patch
isc-dhcp (4.4.3-2.1) unstable; urgency=medium
* Non-maintainer upload.
* An option refcount overflow exists in dhcpd (CVE-2022-2928)
(Closes: #1021320)
* DHCP memory leak (CVE-2022-2929) (Closes: #1021320)
Date: Mon, 28 Nov 2022 14:34:02 +0000
Changed-By: Graham Inggs <ginggs at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.3-P1-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 28 Nov 2022 14:34:02 +0000
Source: isc-dhcp
Built-For-Profiles: noudeb
Architecture: source
Version: 4.4.3-P1-1ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Graham Inggs <ginggs at ubuntu.com>
Closes: 1021320
Changes:
isc-dhcp (4.4.3-P1-1ubuntu1) lunar; urgency=medium
.
* Merge from Debian unstable, remaining changes:
- debian/control: Add libcap-dev build dependency.
- Apparmor profiles for dhclient and dhcpd.
- Apport hook for isc-dhcp-client and isc-dhcp-server.
- Add systemd units for -server and -relay.
- If /etc/ltsp/dhcpd.conf exists, use that instead of
/etc/dhcp/dhcpd.conf.
- Create user/group dhcpd and make isc-dhcp-server depend on adduser.
- isc-dhcp-server: Suggest policycoreutils instead of recommending it.
- Create /etc/dhcp/ddns-keys/ for DDNS updates.
- Increase the timeout to 300 seconds for dhclient.conf (following the
default added by dhclient-safer-timeout).
- Sanitize environment in dhclient-script.linux.
- add IPv6 initramfs support.
- Separate default file for isc-dhcp-relay6.
- Drop isc-dhcp-server/new_auth_behavior question from high to medium
- dhclient-script.linux: handle empty case also when waiting for ipv6 link
local DAD.
- debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
the logic for handling search domains to also write it to the output
file when only the domain name is provided by the DHCP server. Copied
code from debian/dhclient-script.linux.
- Remaining Ubuntu patches:
+ dhclient-fix-backoff
+ revert-next-server
+ multi-ip-addr-per-if
+ dhclient-safer-timeout
+ onetry_retry_after_initial_success
+ dhcp-lpf-ib.patch
+ dhcp-improved-xid.patch
+ dhcp-gpxe-cid.patch
+ dhcp-improved-xid-correct-byte-order.patch
+ dhcp-4.2.4-dhclient-options-changed.patch
+ ubuntu-dhcpd-conf.patch
- Apply patch from Alkis Georgopoulos to generate correct
net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
- Write pidfile before informing parent of success.
- Ship dhcp exit hook to push DNS information to resolved. LP #1889068
- debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
/proc/*/task/*/comm (LP #1870729)
- debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
(LP #1850820)
- debian/rules: build with -fno-strict-aliasing.
- debian/rules: Build with -O2 instead on -O3 on ppc64el
- Fix env variable for INTERFACES
+ d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
respective services file.
- Stop building the udeb on request.
- debian/resolved: chown $statedir to systemd-resolve
- d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors
- Disable make_resolv_conf() if systemd-resolved is in use.
- Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in
the initramfs.
- debian/rules: update to use dh_installsystemd.
- debian/control: add Pre-Depends: ${misc:Pre-Depends} for
init-system-helpers.
- drop shebang line from apport hooks; these are sourced not executed
and /usr/bin/python as an interpreter just confuses things.
- debian/isc-dhcp-server.postinst: dhcpd user home directory on new
installs should be /run, not /var/run. No handling of migration at this
time.
- debian/patches/bind-outdated-config.guess.patch: run autoreconf in
the bind directory.
- Reorder the initramfs hook so that all files end up in the right
directories.
* Dropped patches, included upstream:
- debian/patches/CVE-2022-2928.patch
- debian/patches/CVE-2022-2929.patch
.
isc-dhcp (4.4.3-P1-1) unstable; urgency=low
.
* New upstream version 4.4.3-P1
* Remove no longer needed CVE-2022-2928.patch and CVE-2022-2929.patch
.
isc-dhcp (4.4.3-2.1) unstable; urgency=medium
.
* Non-maintainer upload.
* An option refcount overflow exists in dhcpd (CVE-2022-2928)
(Closes: #1021320)
* DHCP memory leak (CVE-2022-2929) (Closes: #1021320)
Checksums-Sha1:
2f55d6f6f1442c6bfc0e5665db4472a8095bc2f0 2969 isc-dhcp_4.4.3-P1-1ubuntu1.dsc
1f82ddfbe43c6e03e22240cd9494bd9e8f52c8b1 10081055 isc-dhcp_4.4.3-P1.orig.tar.gz
fc4138fdfb51a2fc4464162e06da72f9251f147b 874 isc-dhcp_4.4.3-P1.orig.tar.gz.asc
b5c3252d302ebe8432f70b0485a84082dc369198 128496 isc-dhcp_4.4.3-P1-1ubuntu1.debian.tar.xz
eb09b9f821937b9eb1c6d38b166fbf6b3eaf01c4 7143 isc-dhcp_4.4.3-P1-1ubuntu1_source.buildinfo
Checksums-Sha256:
f602b0cd8322314e1fece2c5720d644fa6cc0550577abeabad84503854b9ff5a 2969 isc-dhcp_4.4.3-P1-1ubuntu1.dsc
0ac416bb55997ca8632174fd10737fd61cdb8dba2752160a335775bc21dc73c7 10081055 isc-dhcp_4.4.3-P1.orig.tar.gz
66dd53dc74df0b02f1672158f1e35c61d4d8c6cf61940fcb0d0b2ee9b60cbc98 874 isc-dhcp_4.4.3-P1.orig.tar.gz.asc
ed9a04fae40479d2f46d58eeee6c65266a30f7181a33a4d4557b653aa9fe03b7 128496 isc-dhcp_4.4.3-P1-1ubuntu1.debian.tar.xz
6e16e9b1c6e95e59e55ddf347acb682d115df1009718ca2195f641b409c189c0 7143 isc-dhcp_4.4.3-P1-1ubuntu1_source.buildinfo
Files:
762aa9f89afd84c970e61153dbe3a0f4 2969 net important isc-dhcp_4.4.3-P1-1ubuntu1.dsc
36c6ca77212373b0cff478ae9e5d32af 10081055 net important isc-dhcp_4.4.3-P1.orig.tar.gz
6db320501d5766198bc2da9515c62bbb 874 net important isc-dhcp_4.4.3-P1.orig.tar.gz.asc
5963b08839c7269882b1510d7da7f003 128496 net important isc-dhcp_4.4.3-P1-1ubuntu1.debian.tar.xz
ae8b4e0c948a6bc228ee7f6d37d2b137 7143 net important isc-dhcp_4.4.3-P1-1ubuntu1_source.buildinfo
Original-Maintainer: Debian ISC DHCP Maintainers <isc-dhcp at packages.debian.org>
More information about the lunar-changes
mailing list