Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

dhcp-client-4.2.4.P1- RPM for x86_64

From OpenSuSE 12.2 for x86_64

Name: dhcp-client Distribution: openSUSE 12.2
Version: 4.2.4.P1 Vendor: openSUSE
Release: Build date: Wed Aug 8 22:05:08 2012
Group: Productivity/Networking/Boot/Clients Build host: build12
Size: 1700473 Source RPM: dhcp-4.2.4.P1-
Summary: ISC DHCP Client
This is an alternative DHCP client, the ISC DHCP client for Linux. Like
"dhcpcd" (the client that is installed by default), it can be used to
configure the network setup.  IP address, hostname, routing,
nameserver, netmask, and broadcast can be dynamically assigned while
booting the machine.

It is configurable via the configuration file /etc/dhclient.conf and
you can define your own 'hooks' to be used by the /sbin/dhclient-script
(which is called by the daemon).

    Internet Systems Consortium, Inc. <>






* Wed Jul 25 2012
  - Update to ISC dhcp-4.2.4-P1 release, providing following security
    fixes (bnc#772924):
    - Previously the server code was relaxed to allow packets with zero
      length client ids to be processed.  Under some situations use of
      zero length client ids can cause the server to go into an infinite
      loop. As such ids are not valid according to RFC 2132 section 9.14
      the server no longer accepts them.  Client ids with a length of 1
      are also invalid but the server still accepts them in order to
      minimize disruption.  The restriction will likely be tightened in
      the future to disallow ids with a length of 1.
      Thanks to Markus Hietava of Codenomicon CROSS project for the
      finding this issue and CERT-FI for vulnerability coordination.
      [ISC-Bugs #29851] CVE: CVE-2012-3571
    - When attempting to convert a DUID from a client id option
      into a hardware address handle unexpected client ids properly.
      Thanks to Markus Hietava of Codenomicon CROSS project for the
      finding this issue and CERT-FI for vulnerability coordination.
      [ISC-Bugs #29852] CVE: CVE-2012-3570
    - A pair of memory leaks were found and fixed.  Thanks to Glen
      Eustace of Massey University, New Zealand for finding this issue.
      [ISC-Bugs #30024] CVE: CVE-2012-3954
  - Moved lease file check to a separate action so it is not used in
    restart -- it can fail when the daemon rewrites the lease causing
    a restart failure then (bnc#762108 regression).
  - Request dhcp6.sntp-servers in /etc/dhclient6.conf and forward to
    netconfig for processing (bnc#770236).
  - Removed RFC 4833 TZ options from client requests [unused].
* Tue Jun 19 2012
  - Update to ISC dhcp-4.2.4 release, fixing a dhcpv6 server assert
    crash while accessing lease on heap (bnc#767661) and providing
    the following fixes:
    - Rotate the lease file when running in v6 mode.
      Thanks to Christoph Moench-Tegeder at Astaro for the
      report and the first version of the patch. [ISC-Bugs #24887]
    - Fixed the code that checks if an address the server is planning
      to hand out is in a reserved range.  This would appear as the
      server being out of addresses in pools with particular ranges.
      [ISC-Bugs #26498]
    - In the DDNS code handle error conditions more gracefully and
      add more logging code. The major change is to handle unexpected
      cancel events from the DNS client code. [ISC-Bugs #26287]
    - Tidy up the receive calls and eliminate the need for found_pkt.
      [ISC-Bugs #25066]
    - Add support for Infiniband over sockets to the server and
      relay code.  We've tested this on Solaris and hope to expand
      support for Infiniband in the future.  This patch also corrects
      some issues we found in the socket code. [ISC-Bugs #24245]
    - Add a compile time check for the presence of the noreturn attribute
      and use it for log_fatal if it's available.  This will help code
      checking programs to eliminate false positives. [ISC-Bugs #27539]
    - Fixed many compilation problems ("set, but not used" warnings) for
      gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588]
    - Modify the code that determines if an outstanding DDNS request
      should be cancelled.  This patch results in cancelling the
      outstanding request less often.  It fixes the problem caused
      by a client doing a release where  the TXT and PTR records
      weren't removed from the DNS. [ISC-BUGS #27858]
    - Use offsetof() instead of sizeof() to get the sizes for
      dhcpv6_relay_packet and dhcpv6_packet in several more places.
      Thanks to a report from Bruno Verstuyft and Vincent Demaertelaere
      of Excentis. [ISC-Bugs #27941]
    - Remove outdated note in the description of the bootp keyword about
      the option not satisfying the requirement of failover peers for
      denying dynamic bootp clients. [ISC-bugs #28574]
    - Multiple items to clean up IPv6 address processing. When processing
      an IA that we've seen check to see if the addresses are usable
      (not in use by somebody else) before handing it out.
      When reading in leases from the file discard expired addresses.
      When picking an address for a client include the IA ID in
      addition to the client ID to generally pick different addresses
      for different IAs. [ISC-Bugs #23138] [ISC-Bugs #27945]
      [ISC-Bugs #25586] [ISC-Bugs #27684]
    - Remove unnecessary checks in the lease query code and clean up
      several compiler issues (some dereferences of NULL and treating
      an int as a boolean). [ISC-Bugs #26203]
    - Fix the NA and PD allocation code to handle the case where a client
      provides a preference and the server doesn't have any addresses or
      prefixes available.  Previoulsy the server ignored the request with
      this patch it replies with a NoAddrsAvail or NoPrefixAvail response.
      By default the code performs according to the errata of August 2010
      for RFC 3315 section 17.2.2; to enable the previous style see the
      section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h.
      This option may be removed in the future. Thanks to Jiri Popelka at
      Red Hat for the patch. [ISC-Bugs #22676]
    - Fix up some issues found by static analysis. A potential memory leak
      and NULL dereference in omapi. The use of a boolean test instead of
      a bitwise test in dst. [ISC-Bugs #28941]
  - Replaced our patches with a complete and upstream verified patch:
    - Fix some issues in the code for parsing and printing options.
      [ISC-Bugs #27314] - properly parse a zero length option from
      a lease file.
      [ISC-Bugs #22796] - properly determine if we parsed a 16 or
      32 bit value in evaluate_numeric_expression (extract-int).
      [ISC-Bugs #22625] - properly print options that have several
      fields followed by an array of something for example "fIa"
      [ISC-Bugs #27289] - properly parse options in declarations
      that have several fields followed by an array of something
      for example "fIa"
    This patch obsoletes the following (bnc#739696) patches:
    - dhclient: parse_option_param: Bad format a
    - zero-length option lease parse error in dhclient6
  - Merged ldap and options check patches for the new version
  - Fixed dhcp-server init script to check syntax and fail while
    force-reload and restart to avoid stopping of running daemon
    followed by start failure (bnc#762108). Added to
    chroot, so the server can report assert/crash line.
* Wed Mar 28 2012
  - Added RFC 4833 TimeZone PosixString and Name declarations to
    server and client configs [not used yet].
* Mon Mar 19 2012
  - dhcp-server: fixed to escape all values used in constructed
    ldap filters as a DN may contain e.g. asterisks (bnc#721829,
    [ISC-Bugs #28545]).
* Fri Jan 13 2012
  - Updated to ISC dhcp-4.2.3-P2 release, providing a DDNS security fix:
    Modify the DDNS handling code. In a previous patch we added logging
    code to the DDNS handling.  This code included a bug that caused it
    to attempt to dereference a NULL pointer and eventually segfault.
    While reviewing the code as we addressed this problem, we determined
    that some of the updates to the lease structures would not work as
    planned since the structures being updated were in the process of
    being freed: these updates were removed.  In addition we removed an
    incorrect call to the DDNS removal function that could cause a failure
    during the removal of DDNS information from the DNS server.
    Thanks to Jasper Jongmans for reporting this issue.
    ([ISC-Bugs #27078], CVE: CVE-2011-4868, bnc#741239)
  - Fixed close-on-exec patch to not set it on stderr (bnc#732910)
  - Fixed incorrect "a" array type option parsing causing to discard
    e.g. classless static routes from lease file [reported as ISC-Bug
    27289] and zero-length option parsing such as dhcp6.rapid-commit
    in dhclient6 [reported as ISC-Bug 27314] (bnc#739696).
  - Fixed dhclient to include its pid number in syslog messages.
  - Fixed to use P2 in the spec version, not in the release tag.
* Fri Dec 09 2011
  - Updated to ISC dhcp-4.2.3-P1 release, providing security fix for
    a DoS due to processing certain regular expressions (bnc#735610)
    and several important DDNS related fixes:
    * Add a check for a null pointer before calling the regexec function.
      Without out this check we could, under some circumstances, pass
      a null pointer to the regexec function causing it to segfault.
      Thanks to a report from BlueCat Networks. [ISC-Bugs #26704]
    * Fix the code that checks for an existing DDNS transaction to
      cancel when removing DDNS information, so that we will continue
      with the processing if we have a lease even if it doesn't have an
      outstanding transaction.  [ISC-Bugs #24682]
    * Add AM_MAINTAINER_MODE to to avoid rebuilding
      configuration files.  [ISC-Bugs #24107]
    * Add support for passing DDNS information to a DNS server over
      an IPv6 address.  [ISC-Bugs #22647]
    * Enhanced patch for 23595 to handle IPv4 fixed addresses more
      cleanly.  [ISC-Bugs #23595]
  - Refreshed ldap patch
* Fri Sep 30 2011
  - add libtool as buildrequire to make the spec file more reliable
* Tue Sep 06 2011
  - Commented out all configuration examples in /etc/dhcpd.conf and
    dhcp6.conf (bnc#715473).
  - Enabled dhcp6.rapid-commit in /etc/dhclient6.conf config file.
  - Removed useless provides/obsoletes from spec file.
* Wed Aug 31 2011
    variables to /etc/dhcpd.d and /etc/dhcpd6.d by default, so there
    are well-defined directories expected to contain additional config
    files (bnc#690585).
* Mon Aug 29 2011
  - Updated to ISC dhcp-4.2.2 release, providing two security fixes
    (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
    allowed remote attackers to cause a denial of service (a daemon
    exit) via crafted BOOTP packets. Further also DNS update fix to
    detect overlapping pools or misconfigured fixed-address entries,
    that caused a server crash during DNS update and other fixes.
    For a complete list, please see the RELNOTES file provided in
    the package and also available online at
  - Merged/adopted dhclient option-checks, send-hostname-rml, ldap
    patch, xen-checksum, close-on-exec patches and removed obsolete
    in6_pktinfo-prototype and relay-no-ip-on-interface patches.
  - Moved server pid files into chroot directory even chroot is
    not used and create a link in /var/run, so it can write one
    when started as user without chroot and avoid stop problems
    when the chroot sysconfig setting changed (bnc#712438).
  - Disabled log-info level messages in dhclient(6) quiet mode to
    avoid excessive logging of non-critical messages (bnc#711420).
  - Fixed dhclient-script to not remove alias IP when it didn't
    changed to not wipe out iptables connmark when renewing the
    lease (bnc#700771). Thanks to James Carter for the patch.
  - Fixed DDNS-howto.txt reference in the config file; it has been
    moved to the dhcp-doc package (bnc#697279).
  - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
    to ensure, they're not used to build non-GPL dhcp (bnc#714004).
  - Changed to apply strict-aliasing/RELRO for >= 12.x only
* Wed Jul 20 2011
  - Correct previous change.
* Wed Jul 20 2011
  - THis is a long running network daemon, link with
    full RELRO security enhancements.
  - remove -fno-strict-aliasing from CFLAGS, no longer needed.
* Tue May 17 2011
  - Import redhat's patch to open all needed FDs  with O_CLOEXEC
    so they dont leak.
* Thu May 12 2011
  - Removed obsolete sles8 compatibility dependencies, fixed
    to avoid non-functional sles_version conditionals.
* Tue May 10 2011
  - Fixed to not introduce separate dhcp-doc package on sles,
    use versioned provides/obsoletes, improved conditionals.
* Tue May 03 2011
  - Fixed dhclient-script typo causing ISC DHCPv6 client to execute
    ifup pre-down scripts also while renew, when the ipv6 address
    did not changed (bnc#690859).
* Fri Apr 29 2011
  - Implemented optional ldap connect retry loop during the initial
    startup of the dhcp server in cases where the ldap server is not
    yet started. Set the ldap-init-retry <num> option in dhcpd.conf
    to enable it (bnc#627617). Merged in the actual ldap patch.
  - Cleaned up init script error reporting, no -TERM for killproc.
* Wed Apr 27 2011
  - Updated to ISC dhcp-4.2.1-P1 release, that provides most of the
    dhclient pretty escape and string option checks. Merged to use
    relaxed domain-name option check causing a regression, when the
    server is misusing it to provide a domain list (compatibility to
    attic clients) and does not provide it via domain-search option;
    pretty escape semicolon as well (bnc#675052, CVE-2011-0997).
* Thu Mar 31 2011
  - Discard string options such as host and domain names containing
    disallowed characters or beeing too long. This proctive patch
    limits root-path to a-zA-Z0-9, #%+-_:.,@~/\[]= and a space
    (bnc#675052, CVE-2011-0997).
* Thu Mar 31 2011
  - Updated to ISC DHCP 4.2.1 release (bnc#680298), that provides
    following fixes (digest):
    * Several fixes to OMAPI, cleanup of dereferenced pointers in
      the omapi handle, handling of pipe failures and status code
      in omapi signal handler that may cause connect failure and
      100% CPU use.
    * Handle some DDNS corner cases better
    * Several fixes to lease input and output
    * Corrected side effect of printing all data strings as hex.
    * Host record references leaks causing applying config to all
      innocent clients.
    * Memory leak when parsing a domain name
    * Fixes to configuration parsing including infinite loop.
    * Fixed for unexpected abort caused by a DHCPv6 decline.
    For the complete list see the RELNOTES file, that is available
    also online at
  - Removed obsolete optional-value-infinite-loop, no-libcrypto
    and CVE-2011-0413.bnc667655 patches.
  - Merged the dhclient-send-hostname and ldap patches.
* Mon Feb 21 2011
  - dhclient-script: fixed typo causing that only global settings
    to set hostname and default route were applied for primary
    and never per interface settings (bnc#673792).
* Fri Feb 18 2011
  - Added dhcp-4.2.0-xen-checksum.patch by David Cantrell to handle
    xen partial UDP checksums (bnc#668194).
* Wed Feb 02 2011
  - Applied security fix for unexpected abort caused by a DHCPv6
    decline message (CVE-2011-0413, VU#686084, bnc#667655).
  - Fixed dhclient.conf to request the domain-search option.
* Mon Dec 13 2010
  - Updated to ISC DHCP 4.2.0-P2, a security release fixing the
    handling of connection requests on the failover port.
    Previously a connection request from a source that wasn't
    listed as a failover peer would cause the server to become
    non-responsive. ([ISC-Bugs #22679] CERT: VU#159528 CVE:
    CVE-2010-3616, bnc#659059).
* Tue Dec 07 2010
  - Enable ldap CASA support on SLE only.
* Tue Nov 30 2010
  - Fixed to use same/correct dhcrelay6 interface variables in the
    sysconfig file and in the dhcrelay6 init script.
* Mon Nov 29 2010
  - Updated to ISC DHCP 4.2.0-P1 release, providing a security fix to
    handle a relay forward message with an unspecified address in the
    link address field. Previously such a message would cause the
    server to crash. Thanks to a report from John Gibbons.
    [ISC-Bugs #21992] CERT: VU#102047 CVE: CVE-2010-3611 (bnc#650902)
    The 4.2.0 version is a feature release, implementing asynchronous
    DDNS processing and includes "The LDAP Patch".
    For a complete list of changes from any previous release, please
    consult the RELNOTES file within the source distribution or on
    the ISC website:
  - Fixed compilation to avoid segfaults as soon as ldap is enabled,
    merged our ldap patches from 4.1.x branch.
* Tue Nov 02 2010
  - Fixed a dhcrelay segfault while receiving packets on interfaces
    without any IPv4 address assigned (bnc#631305, reported upsteam
    as [ISC-Bugs #22409]).
  - Fixed a common infinite loop while parsing options with optional
    parts in the value such as in slp-service-scope option (bnc#643845,
    reported upsteam as [ISC-Bugs #22410]).
  - Fixed init scripts to report correct LSB codes in status action,
    when the config file or the binary do not exists (bnc#640336).
  - Fixed syntax of a check in the rcdhcrelay[6] (bnc#648580)
  - Avoid pid check error message in the rcdhcpd[6] (bnc#646875)
* Wed Sep 29 2010
  - Fixed server lease file path in contrib/listlease and leasestate
    changed to extract contrib and examples using setup macro.
* Wed Aug 04 2010
  - Renamed rfc3442-classless-static-routes_raw in /etc/dhclient.conf
    to rfc3442-classless-static-routes for compatibility with the
    NetworkManager making use of /etc/dhclient.conf now and adopted
    /sbin/dhclient-script (bnc#625770).
* Tue Jul 27 2010
  - Fixed ldap option number conflicting with new options (bnc#625358)
* Fri Jul 02 2010
  - Added a fix for an lpf bind error messages making it easier to
    localize problems (bnc#617795)
* Mon Jun 14 2010
  - Updated to ISC DHCP 4.1.1-P1 patch release, which contains
    a pair of bug fixes including one for a security related bug
    (bnc#612546, CVE-2010-2156):
    * A bug was fixed that could cause the DHCPv6 server to
      advertise/assign a previously allocated (active) lease to a
      client that has changed subnets, despite being on different
      shared networks. Dynamic prefixes specifically allocated in
      shared networks also now are not offered if the client has
      moved. [ISC-Bugs #21152]
    * Accept a client id of length 0 while hashing. Previously the
      server would exit if it attempted to hash a zero length client
      id, providing attackers with a simple denial of service attack.
      [ISC-Bugs #21253]
* Tue May 18 2010
  - Added rc.dhcrelay6 as source in the spec file
* Tue May 11 2010
  - Fixed dhcprelay scripts to source sysconfig file correctly
  - Fixed spec file typo in arping path require, enabled ldap
  - Fixed a dhclient option name and new/old ip address check
* Fri May 07 2010
  - Updated to ISC DHCP 4.1.1, the current 4.x series production
    release, providing DHCPv6 client/server/relay implementation.
    The programs act in DHCPv6 mode, when the -6 start option is set.
    We install separate init scripts with a 6 at the end to handle
    them, that is /etc/init.d/dhcpd6 and dhrelay6. Further, there is
    also a link to the binaries with a 6 at the end, e.g. dhclient6,
    making it visible, that the installed version supports DHCPv6.
  - Moved additional documentation to a separate dhcp-doc package.
  - Changed to provide config files and scripts as source files
    instead of patches to the ISC scripts.
  - Adopted spec file and config/scripts, merged in all patches.
  - Implemented RFC 3442 classless static routes support in the
    dhclient-script (bnc#555870).
* Thu Apr 29 2010
  - Updated to ISC DHCP 3.1-ESV, an extended support version release
    which includes a small number of bug fixes (bnc#592178) over the
    3.1.3 version:
    * Modified the handling of a connection to avoid releasing the
      omapi io object for the connection while it is still in use.
      One symptom from this error was a segfault when a failover
      secondary attempted to connect to the failover primary if
      their clocks were not synchronized.
    * Fix test in dhcp_interface_signal_handler to check that the
      inner handler has a signal_handler before calling it.
    * When using 'ignore client-updates;', the FQDN returned to the
      client is no longer truncated to one octet.
    * Clean up some compiler warnings - ticket 19054.
  - Fixed vlan interface check in dhcpd-restart-hook if-up.d script
  - Touch dhclient.leases in post-install script instead to provide
    an empty file, versioned provides/obsoletes (rpmlint warnings).
* Fri Mar 12 2010
  - Fixed dhclient-script to call ifup -o dhcp and signal "complete"
    to ifup when all configuration is done (bnc#585380,bnc#518219).
* Thu Jan 07 2010
  - Enable parallel building
  - Use large PIE model on all SPARC flavors
* Mon Dec 14 2009
  - Fixed dhclient-script to use correct sysconfig run dir path
    to not to break the defaultroute/hostname setup (bnc#555095).
  - Don't request any specific lease-time by default (bnc#516459).
* Fri Oct 16 2009
  - Fixed dhclient-script to forward new_domain_search as DNSSEARCH
    to netconfig.
* Tue Oct 13 2009
  - Updated to dhcp-3.1.3 maintenance release fixing several issues
    (a digest, see RELNOTES for the complete list):
    * Remove infinite loop in token_print_indent_concat().
    * A parser bug was fixed that segfaulted if site-option-space
      was tried to be used interchangeably with vendor-option-space.
    * Two uninitialized stack structures are now memset to zero,
      thanks to patch from David Cantrell at Red Hat.
    * Memory leak in the load_balance_mine() function is fixed. This
      would leak ~20-30 octets per DHCPDISCOVER packet while failover
      was in use and in normal state.
    * Fixed setting hostname in Linux hosts that require hostname
      argument to be double-quoted.  Also allow server-provided
      hostname to override hostnames 'localhost' and '(none)'.
    * Added client support for setting interface MTU and metric,
      thanks to Roy "UberLord" Marples <>.
    * Fixed failover reconnection retry code to continue to retry to
      reconnect rather than restarting the listener.
    * Fixed a bug where an OMAPI socket disconnection message would
      not result in scheduling a failover reconnection, if the link
      had not negotiated a failover connect yet (e.g.: connection
      refused, asynch socket connect() timeouts).
    * Versions 3.0.x syntax with multiple name->code option
      definitions is now supported.  Note that, similarly to 3.0.x,
      for by-code lookups only the last option definition is used.
    * Fixed a fenceposting bug when a client had two host records
      configured, one using 'uid' and the other using 'hardware
      ethernet'. CVE-2009-1892
  - Updated to dhcp-3.1.3-ldap-patch-mt-01 including previous fixes.
  - Merged dhclient script, removed obsolete CVE-2009-1892 fix.
* Tue Sep 29 2009
  - Replaced mt-02 ldap patch from old git repository with equivalent
    one (dhcp-3.1.2p1-ldap-patch-mt-02) from a new repository with
    fixed patch history (
* Wed Aug 12 2009
  - Added dhcpd-restart-hook if-up.d script that restarts dhcp server
    while network restart when a virtual interfaces as bridge, bond
    or vlan goes up again (bnc#517810).
* Wed Jul 29 2009
  - Applied fix for a dhcp client id DoS (CVE-2009-1892, bnc#519413).
* Wed Jul 29 2009
  - Updated to dhcp-3.1.2p1 maintenance release fixing following
    * A stack overflow vulnerability was fixed in dhclient that could
      allow remote attackers to execute arbitrary commands as root on
      the system, or simply terminate the client, by providing an
      over-long subnet-mask option.
    * A double-dereference in dhclient transmission of DHCPDECLINEs
      was repaired.
    * Fix handling of -A and -a flags in dhcrelay; it was failing
      to expand packet size as needed to add relay agent options.
    * Corrected list of failover state values in dhcpd man page.
    * Fixed a bug that caused some request types to be logged
    * Fixed a coredump when adding a class via OMAPI.
    * Clients that sent a parameter request list containing the
      routers option before the subnet mask option were receiving
      only the latter. Fixed.
    * The server wasn't always sending the FQDN option when it should.
    * A partner-down failover server no longer emits 'peer holds all
      free leases' if it is able to newly-allocate one of the peer's
    * A cosmetic bug in DHCPDECLINE processing was fixed which caused
      all successful DHCPDECLINEs to be logged as "not found" rather
      than "abandoned".
    * Some failover debugging #defines have been better defined and
      some high frequency messages moved to a deeper debugging symbol.
    * The CLTT parameter in failover is now only updated by client
      activity, and not by failover binding updates.
    * Failover BNDUPD messages are now discarded if they conflict with
      an update that has been trasnmitted, but not acknowledged.
    * A bug cleaning up unknown-xxx temporary option definitions was
  - Removed obsolete dhclient-no-dereference-twice patch
  - Improved dhclient-script to apply global dhcp settings, when
    there is no interface config (bnc#480922).
  - Enabled casa support in dhcp-ldap for >= sles 10 and => 11.1.
  - Updated dhcp-3.1.2p1-ldap-patch-mt.11.2-02 merging all patches
    flying around --  see
    and the git changelog at the begin of the patch.



Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Jul 10 03:11:01 2017