Merge ~utkarsh/ubuntu/+source/isc-dhcp:lp1894172-fix-env-bionic into ubuntu/+source/isc-dhcp:ubuntu/bionic

Proposed by Utkarsh Gupta
Status: Superseded
Proposed branch: ~utkarsh/ubuntu/+source/isc-dhcp:lp1894172-fix-env-bionic
Merge into: ubuntu/+source/isc-dhcp:ubuntu/bionic
Diff against target: 288 lines (+242/-2)
5 files modified
debian/changelog (+19/-0)
debian/isc-dhcp-server.isc-dhcp-server.service (+2/-1)
debian/isc-dhcp-server.isc-dhcp-server6.service (+2/-1)
debian/patches/CVE-2019-6470.patch (+218/-0)
debian/patches/series (+1/-0)
Reviewer | Review Type | Date Requested | Status
Utkarsh Gupta (community) | | | Needs Fixing
Canonical Server | | | Pending
Canonical Server packageset reviewers | | | Pending
git-ubuntu developers | | | Pending
Review via email: mp+399438@code.launchpad.net

This proposal has been superseded by a proposal from 2021-03-10.

Description of the change

This MR fixes env variables for $INTERFACES (LP: #1894172).

PPA: https://launchpad.net/~utkarsh/+archive/ubuntu/experimental-dump/

Unfortunately there weren't any tests in this package but the change is trivial and I've done a manual test of this.

Should you need any more details, let me know. Requesting you to please review and sponsor the upload.

Utkarsh Gupta (utkarsh) wrote :

Ugh, oh no! I checked out from ubuntu/bionic-devel and it had the security upload and it pulled it in for this MP as well. I am not sure where to rebase this from or how? Please let me know about this so I can get this fixed at the earliest. TIA!

review: Needs Fixing

Unmerged commits

854bd9f... by Utkarsh Gupta

changelog

Signed-off-by: Utkarsh Gupta <email address hidden>

9b8ebcd... by Utkarsh Gupta

  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.

Signed-off-by: Utkarsh Gupta <email address hidden>

2a0352d... by Marc Deslauriers

4.3.5-3ubuntu7.1 (patches unapplied)

Imported using git-ubuntu import.

Preview Diff

diff --git a/debian/changelog b/debian/changelog
index a90e4a9..67ac715 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
1isc-dhcp (4.3.5-3ubuntu8) bionic; urgency=medium
2
3 * Fix env variable for INTERFACES (LP: #1894172)
4 - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
5 variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
6 respective services file.
7
8 -- Utkarsh Gupta <utkarsh.gupta@canonical.com> Wed, 10 Mar 2021 19:57:51 +0530
9
10isc-dhcp (4.3.5-3ubuntu7.1) bionic-security; urgency=medium
11
12 * SECURITY UPDATE: DoS via change in bind behaviour (LP: #1781699)
13 - debian/patches/CVE-2019-6470.patch: use 0 instead of -1 to indicate
14 empty heap index in includes/dhcpd.h, server/mdb6.c,
15 server/tests/mdb6_unittest.c.
16 - CVE-2019-6470
17
18 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 06 May 2019 09:00:01 -0400
19
1isc-dhcp (4.3.5-3ubuntu7) bionic; urgency=medium20isc-dhcp (4.3.5-3ubuntu7) bionic; urgency=medium
221
3 * bind-includes.patch: Copied from Debian to fix build with bind22 * bind-includes.patch: Copied from Debian to fix build with bind
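Review bot: the new 4.3.5-3ubuntu8 entry (added lines 4-5) names the variables as "$INTERFACEv4 and $INTERFACESv6", but the service file changed in this same diff uses $INTERFACESv4, so the changelog should read $INTERFACESv4. The entry also says $INTERFACES is replaced, while both service files keep $INTERFACES as a fallback when the per-family variable is empty; wording such as "prefer $INTERFACESv4/$INTERFACESv6, fall back to $INTERFACES" would match what the units actually do.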
diff --git a/debian/isc-dhcp-server.isc-dhcp-server.service b/debian/isc-dhcp-server.isc-dhcp-server.service
index b3e2794..4e7fe42 100644
--- a/debian/isc-dhcp-server.isc-dhcp-server.service
+++ b/debian/isc-dhcp-server.isc-dhcp-server.service
@@ -18,7 +18,8 @@ ExecStart=/bin/sh -ec '\
18 [ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \18 [ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \
19 chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \19 chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \
20 chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \20 chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \
21 exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'21 if test -n "$INTERFACES" -a -z "$INTERFACESv4"; then INTERFACESv4="$INTERFACES"; fi; \
22 exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACESv4'
2223
23[Install]24[Install]
24WantedBy=multi-user.target25WantedBy=multi-user.target
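Review bot: on added line 21, test -n "$INTERFACES" -a -z "$INTERFACESv4" relies on the -a operator with five arguments, a form POSIX marks obsolescent and whose result it leaves unspecified for more than four arguments. Since this runs under /bin/sh -ec with values read from the environment, two separate tests are more robust: if [ -n "$INTERFACES" ] && [ -z "$INTERFACESv4" ]; then INTERFACESv4="$INTERFACES"; fi. Leaving $INTERFACESv4 unquoted on the exec line is needed so a list of interfaces splits into separate arguments, which deserves a brief comment so nobody "fixes" it by quoting.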
diff --git a/debian/isc-dhcp-server.isc-dhcp-server6.service b/debian/isc-dhcp-server.isc-dhcp-server6.service
index e3b0828..8593fda 100644
--- a/debian/isc-dhcp-server.isc-dhcp-server6.service
+++ b/debian/isc-dhcp-server.isc-dhcp-server6.service
@@ -18,7 +18,8 @@ ExecStart=/bin/sh -ec '\
18 [ -e /var/lib/dhcp/dhcpd6.leases ] || touch /var/lib/dhcp/dhcpd6.leases; \18 [ -e /var/lib/dhcp/dhcpd6.leases ] || touch /var/lib/dhcp/dhcpd6.leases; \
19 chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd6.leases; \19 chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd6.leases; \
20 chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd6.leases; \20 chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd6.leases; \
21 exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACES'21 if test -n "$INTERFACES" -a -z "$INTERFACESv6"; then INTERFACESv6="$INTERFACES"; fi; \
22 exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACESv6'
2223
23[Install]24[Install]
24WantedBy=multi-user.target25WantedBy=multi-user.target
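Review bot: the fallback on added line 21 copies the legacy INTERFACES value into INTERFACESv6 whenever INTERFACESv6 is empty, so a host that only sets INTERFACES still starts dhcpd -6 on the same interface list as the IPv4 daemon, and none of the five files in this diff documents that precedence. Suggest stating, in the changelog entry and wherever these variables are documented for administrators, that INTERFACESv6 takes precedence and INTERFACES is only a compatibility fallback.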
diff --git a/debian/patches/CVE-2019-6470.patch b/debian/patches/CVE-2019-6470.patch
25new file mode 10064426new file mode 100644
index 0000000..b431817
--- /dev/null
+++ b/debian/patches/CVE-2019-6470.patch
@@ -0,0 +1,218 @@
1From abacf8ad0d8844685e5cd76645a34ef2b8da3253 Mon Sep 17 00:00:00 2001
2From: Thomas Markwalder <tmark@isc.org>
3Date: Fri, 1 Dec 2017 09:13:26 -0500
4Subject: [PATCH] [master] Use 0 instead of -1 to indicate empty heap index
5
6 Merges in rt46719.
7---
8 RELNOTES | 5 +++++
9 includes/dhcpd.h | 5 +++--
10 server/mdb6.c | 42 ++++++++++++++++++++++--------------------
11 server/tests/mdb6_unittest.c | 9 +++++++--
12 4 files changed, 37 insertions(+), 24 deletions(-)
13
14#diff --git a/RELNOTES b/RELNOTES
15#index ececd89e..b93af612 100644
16#--- a/RELNOTES
17#+++ b/RELNOTES
18#@@ -1176,6 +1176,11 @@ dhcp-users@lists.isc.org.
19# in the lease file causing issues with DDNS and so forth.
20# [ISC-bugs #43786]
21#
22#+- Replaced iasubopt::heap_index with separate values for active and inactive
23#+ heaps: iasubopt::active_index and iasubopt::inactive_index. This was done
24#+ to accomodate a change in behavior in BIND9 isc_heap_delete().
25#+ [ISC-bugs #46719]
26#+
27# Changes since 4.2.0 (new features)
28#
29# - If a client renews before 'dhcp-cache-threshold' percent of its lease
30Index: isc-dhcp-4.3.5/includes/dhcpd.h
31===================================================================
32--- isc-dhcp-4.3.5.orig/includes/dhcpd.h 2019-05-06 08:57:34.738578132 -0400
33+++ isc-dhcp-4.3.5/includes/dhcpd.h 2019-05-06 08:57:34.734578119 -0400
34@@ -1624,8 +1624,9 @@ struct iasubopt {
35 */
36 #define EXPIRED_IPV6_CLEANUP_TIME (60*60)
37
38- int heap_index; /* index into heap, or -1
39- (internal use only) */
40+ /* index into heaps, or -1 (internal use only) */
41+ int active_index;
42+ int inactive_index;
43
44 /*
45 * A pointer to the state of the ddns update for this lease.
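Review bot: the comment added on line 40 still reads "index into heaps, or -1", but the rest of this patch initialises active_index and inactive_index to 0 and the unit test expects 0 for an entry that is in neither heap. The comment should name 0 as the not-in-heap value. With -1 no longer used, both fields could also be unsigned int to match the new_heap_index parameter of the callbacks added in server/mdb6.c.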
46Index: isc-dhcp-4.3.5/server/mdb6.c
47===================================================================
48--- isc-dhcp-4.3.5.orig/server/mdb6.c 2019-05-06 08:57:34.738578132 -0400
49+++ isc-dhcp-4.3.5/server/mdb6.c 2019-05-06 08:57:34.734578119 -0400
50@@ -216,7 +216,8 @@ iasubopt_allocate(struct iasubopt **iasu
51
52 tmp->refcnt = 1;
53 tmp->state = FTS_FREE;
54- tmp->heap_index = -1;
55+ tmp->active_index = 0;
56+ tmp->inactive_index = 0;
57 tmp->plen = 255;
58
59 *iasubopt = tmp;
60@@ -600,14 +601,18 @@ lease_older(void *a, void *b) {
61 }
62
63 /*
64- * Helper function for lease address/prefix heaps.
65+ * Helper functions for lease address/prefix heaps.
66 * Callback when an address's position in the heap changes.
67 */
68 static void
69-lease_index_changed(void *iasubopt, unsigned int new_heap_index) {
70- ((struct iasubopt *)iasubopt)-> heap_index = new_heap_index;
71+active_changed(void *iasubopt, unsigned int new_heap_index) {
72+ ((struct iasubopt *)iasubopt)->active_index = new_heap_index;
73 }
74
75+static void
76+inactive_changed(void *iasubopt, unsigned int new_heap_index) {
77+ ((struct iasubopt *)iasubopt)->inactive_index = new_heap_index;
78+}
79
80 /*!
81 *
82@@ -660,13 +665,13 @@ ipv6_pool_allocate(struct ipv6_pool **po
83 dfree(tmp, file, line);
84 return ISC_R_NOMEMORY;
85 }
86- if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, lease_index_changed,
87+ if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, active_changed,
88 0, &(tmp->active_timeouts)) != ISC_R_SUCCESS) {
89 iasubopt_free_hash_table(&(tmp->leases), file, line);
90 dfree(tmp, file, line);
91 return ISC_R_NOMEMORY;
92 }
93- if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, lease_index_changed,
94+ if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, inactive_changed,
95 0, &(tmp->inactive_timeouts)) != ISC_R_SUCCESS) {
96 isc_heap_destroy(&(tmp->active_timeouts));
97 iasubopt_free_hash_table(&(tmp->leases), file, line);
98@@ -1186,7 +1191,7 @@ cleanup_lease6(ia_hash_t *ia_table,
99 * Remove the old lease from the active heap and from the hash table
100 * then remove the lease from the IA and clean up the IA if necessary.
101 */
102- isc_heap_delete(pool->active_timeouts, test_iasubopt->heap_index);
103+ isc_heap_delete(pool->active_timeouts, test_iasubopt->active_index);
104 pool->num_active--;
105 if (pool->ipv6_pond)
106 pool->ipv6_pond->num_active--;
107@@ -1259,7 +1264,7 @@ add_lease6(struct ipv6_pool *pool, struc
108 if ((test_iasubopt->state == FTS_ACTIVE) ||
109 (test_iasubopt->state == FTS_ABANDONED)) {
110 isc_heap_delete(pool->active_timeouts,
111- test_iasubopt->heap_index);
112+ test_iasubopt->active_index);
113 pool->num_active--;
114 if (pool->ipv6_pond)
115 pool->ipv6_pond->num_active--;
116@@ -1271,7 +1276,7 @@ add_lease6(struct ipv6_pool *pool, struc
117 }
118 } else {
119 isc_heap_delete(pool->inactive_timeouts,
120- test_iasubopt->heap_index);
121+ test_iasubopt->inactive_index);
122 pool->num_inactive--;
123 }
124
125@@ -1392,14 +1397,13 @@ lease6_usable(struct iasubopt *lease) {
126 static isc_result_t
127 move_lease_to_active(struct ipv6_pool *pool, struct iasubopt *lease) {
128 isc_result_t insert_result;
129- int old_heap_index;
130
131- old_heap_index = lease->heap_index;
132 insert_result = isc_heap_insert(pool->active_timeouts, lease);
133 if (insert_result == ISC_R_SUCCESS) {
134 iasubopt_hash_add(pool->leases, &lease->addr,
135 sizeof(lease->addr), lease, MDL);
136- isc_heap_delete(pool->inactive_timeouts, old_heap_index);
137+ isc_heap_delete(pool->inactive_timeouts,
138+ lease->inactive_index);
139 pool->num_active++;
140 pool->num_inactive--;
141 lease->state = FTS_ACTIVE;
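Review bot: in move_lease_to_active the lease is inserted into active_timeouts before it is deleted from inactive_timeouts, and with old_heap_index removed the delete on lines 137-138 depends on inactive_index not being overwritten by that insert. That holds only because each heap is now created with its own callback (active_changed, inactive_changed); a short comment here stating the dependency would keep a later cleanup from merging the two indexes again. The visible lines also pass lease->inactive_index to isc_heap_delete without checking it is non-zero, so an assertion or early return for a lease that is not in the inactive heap would make the new 0 sentinel explicit.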
142@@ -1449,16 +1453,16 @@ renew_lease6(struct ipv6_pool *pool, str
143 if (lease->state == FTS_ACTIVE) {
144 if (old_end_time <= lease->hard_lifetime_end_time) {
145 isc_heap_decreased(pool->active_timeouts,
146- lease->heap_index);
147+ lease->active_index);
148 } else {
149 isc_heap_increased(pool->active_timeouts,
150- lease->heap_index);
151+ lease->active_index);
152 }
153 return ISC_R_SUCCESS;
154 } else if (lease->state == FTS_ABANDONED) {
155 char tmp_addr[INET6_ADDRSTRLEN];
156 lease->state = FTS_ACTIVE;
157- isc_heap_increased(pool->active_timeouts, lease->heap_index);
158+ isc_heap_increased(pool->active_timeouts, lease->active_index);
159 log_info("Reclaiming previously abandoned address %s",
160 inet_ntop(AF_INET6, &(lease->addr), tmp_addr,
161 sizeof(tmp_addr)));
162@@ -1480,9 +1484,7 @@ static isc_result_t
163 move_lease_to_inactive(struct ipv6_pool *pool, struct iasubopt *lease,
164 binding_state_t state) {
165 isc_result_t insert_result;
166- int old_heap_index;
167
168- old_heap_index = lease->heap_index;
169 insert_result = isc_heap_insert(pool->inactive_timeouts, lease);
170 if (insert_result == ISC_R_SUCCESS) {
171 /*
172@@ -1533,7 +1535,7 @@ move_lease_to_inactive(struct ipv6_pool
173
174 iasubopt_hash_delete(pool->leases,
175 &lease->addr, sizeof(lease->addr), MDL);
176- isc_heap_delete(pool->active_timeouts, old_heap_index);
177+ isc_heap_delete(pool->active_timeouts, lease->active_index);
178 lease->state = state;
179 pool->num_active--;
180 pool->num_inactive++;
181@@ -1611,7 +1613,7 @@ decline_lease6(struct ipv6_pool *pool, s
182 pool->ipv6_pond->num_abandoned++;
183
184 lease->hard_lifetime_end_time = MAX_TIME;
185- isc_heap_decreased(pool->active_timeouts, lease->heap_index);
186+ isc_heap_decreased(pool->active_timeouts, lease->active_index);
187 return ISC_R_SUCCESS;
188 }
189
190@@ -1884,7 +1886,7 @@ cleanup_old_expired(struct ipv6_pool *po
191 break;
192 }
193
194- isc_heap_delete(pool->inactive_timeouts, tmp->heap_index);
195+ isc_heap_delete(pool->inactive_timeouts, tmp->inactive_index);
196 pool->num_inactive--;
197
198 if (tmp->ia != NULL) {
199Index: isc-dhcp-4.3.5/server/tests/mdb6_unittest.c
200===================================================================
201--- isc-dhcp-4.3.5.orig/server/tests/mdb6_unittest.c 2019-05-06 08:57:34.738578132 -0400
202+++ isc-dhcp-4.3.5/server/tests/mdb6_unittest.c 2019-05-06 08:57:34.734578119 -0400
203@@ -65,8 +65,13 @@ ATF_TC_BODY(iaaddr_basic, tc)
204 if (iaaddr->state != FTS_FREE) {
205 atf_tc_fail("ERROR: bad state %s:%d", MDL);
206 }
207- if (iaaddr->heap_index != -1) {
208- atf_tc_fail("ERROR: bad heap_index %s:%d", MDL);
209+ if (iaaddr->active_index != 0) {
210+ atf_tc_fail("ERROR: bad active_index :%d %s:%d",
211+ iaaddr->active_index, MDL);
212+ }
213+ if (iaaddr->inactive_index != 0) {
214+ atf_tc_fail("ERROR: bad inactive_index %d %s:%d",
215+ iaaddr->inactive_index, MDL);
216 }
217 if (iasubopt_reference(&iaaddr_copy, iaaddr, MDL) != ISC_R_SUCCESS) {
218 atf_tc_fail("ERROR: iasubopt_reference() %s:%d", MDL);
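Review bot: the two new failure messages on lines 210 and 214 are formatted differently: "bad active_index :%d %s:%d" has a stray colon before the value, while "bad inactive_index %d %s:%d" does not; use one format for both. The test also only checks the initial value of each index. A case that moves a lease between the active and inactive heaps and checks both indexes afterwards would exercise the behaviour this patch changes.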
diff --git a/debian/patches/series b/debian/patches/series
index 3a343a3..d1dd46e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -34,3 +34,4 @@ dhcp-improved-xid-correct-byte-order.patch
34dhcp-4.2.4-dhclient-options-changed.patch34dhcp-4.2.4-dhclient-options-changed.patch
35ubuntu-dhcpd-conf.patch35ubuntu-dhcpd-conf.patch
36CVE-2018-573x.patch36CVE-2018-573x.patch
37CVE-2019-6470.patch
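Review bot: line 37 adds CVE-2019-6470.patch to the series although the changelog in this diff attributes that patch to 4.3.5-3ubuntu7.1, not to the INTERFACES fix in 4.3.5-3ubuntu8. This line and the 218-line patch file should drop out of the proposal once the branch and the merge target both contain the security upload, leaving only the two service files and the ubuntu8 changelog stanza to review.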
