1 files changed, 66 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch
new file mode 100644
index 0000000000..91aaf83a77
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch
@@ -0,0 +1,66 @@
+From 5a7344b05081d84343a1627e47478f3990b17700 Mon Sep 17 00:00:00 2001
+From: Minjae Kim <flowergom@gmail.com>
+Date: Thu, 8 Jul 2021 00:08:25 +0000
+Subject: [PATCH] ISC has disclosed a vulnerability in ISC DHCP
+ (CVE-2021-25217)
+On May 26, 2021, we (Internet Systems Consortium) disclosed a
+vulnerability affecting our ISC DHCP software:
+    CVE-2021-25217: A buffer overrun in lease file parsing code can be
+    used to exploit a common vulnerability shared by dhcpd and dhclient
+    https://kb.isc.org/docs/cve-2021-25217
+New versions of ISC DHCP are available from https://www.isc.org/downloads
+Operators and package maintainers who prefer to apply patches selectively can
+find individual vulnerability-specific patches in the "patches" subdirectory
+of the release directories for our two stable release branches (4.4 and 4.1-ESV)
+   https://downloads.isc.org/isc/dhcp/4.4.2-P1/patches
+   https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P1/patches
+With the public announcement of this vulnerability, the embargo
+period is ended and any updated software packages that have been
+prepared may be released.
+Upstream-Status: Accepted [https://www.openwall.com/lists/oss-security/2021/05/26/6]
+CVE: CVE-2021-25217
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+---
+ common/parse.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+diff --git a/common/parse.c b/common/parse.c
+index 386a632..fc7b39c 100644
+--- a/common/parse.c
+++ b/common/parse.c
+@@ -3,7 +3,7 @@
+    Common parser code for dhcpd and dhclient. */
+ 
+ /*
+- * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2021 by Internet Systems Consortium, Inc. ("ISC")
+  * Copyright (c) 1995-2003 by Internet Software Consortium
+  *
+  * This Source Code Form is subject to the terms of the Mozilla Public
+@@ -5556,13 +5556,14 @@ int parse_X (cfile, buf, max)
+                                skip_to_semi (cfile);
+                                return 0;
+                        }
+-                       convert_num (cfile, &buf [len], val, 16, 8);
+-                       if (len++ > max) {
+                       if (len >= max) {
+                                parse_warn (cfile,
+                                            "hexadecimal constant too long.");
+                                skip_to_semi (cfile);
+                                return 0;
+                        }
+                       convert_num (cfile, &buf [len], val, 16, 8);
+                       len++;
+                        token = peek_token (&val, (unsigned *)0, cfile);
+                        if (token == COLON)
+                                token = next_token (&val,
+-- 
+2.17.1

diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch new file mode 100644 index 0000000000..91aaf83a77 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2021-25217.patch
@@ -0,0 +1,66 @@
	1	From 5a7344b05081d84343a1627e47478f3990b17700 Mon Sep 17 00:00:00 2001
	2	From: Minjae Kim <flowergom@gmail.com>
	3	Date: Thu, 8 Jul 2021 00:08:25 +0000
	4	Subject: [PATCH] ISC has disclosed a vulnerability in ISC DHCP
	5	(CVE-2021-25217)
	6
	7	On May 26, 2021, we (Internet Systems Consortium) disclosed a
	8	vulnerability affecting our ISC DHCP software:
	9
	10	CVE-2021-25217: A buffer overrun in lease file parsing code can be
	11	used to exploit a common vulnerability shared by dhcpd and dhclient
	12	https://kb.isc.org/docs/cve-2021-25217
	13
	14	New versions of ISC DHCP are available from https://www.isc.org/downloads
	15
	16	Operators and package maintainers who prefer to apply patches selectively can
	17	find individual vulnerability-specific patches in the "patches" subdirectory
	18	of the release directories for our two stable release branches (4.4 and 4.1-ESV)
	19
	20	https://downloads.isc.org/isc/dhcp/4.4.2-P1/patches
	21	https://downloads.isc.org/isc/dhcp/4.1-ESV-R16-P1/patches
	22
	23	With the public announcement of this vulnerability, the embargo
	24	period is ended and any updated software packages that have been
	25	prepared may be released.
	26
	27	Upstream-Status: Accepted [https://www.openwall.com/lists/oss-security/2021/05/26/6]
	28	CVE: CVE-2021-25217
	29	Signed-off-by: Minjae Kim <flowergom@gmail.com>
	30	---
	31	common/parse.c \| 7 ++++---
	32	1 file changed, 4 insertions(+), 3 deletions(-)
	33
	34	diff --git a/common/parse.c b/common/parse.c
	35	index 386a632..fc7b39c 100644
	36	--- a/common/parse.c
	37	+++ b/common/parse.c
	38	@@ -3,7 +3,7 @@
	39	Common parser code for dhcpd and dhclient. */
	40
	41	/*
	42	- * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC")
	43	+ * Copyright (c) 2004-2021 by Internet Systems Consortium, Inc. ("ISC")
	44	* Copyright (c) 1995-2003 by Internet Software Consortium
	45	*
	46	* This Source Code Form is subject to the terms of the Mozilla Public
	47	@@ -5556,13 +5556,14 @@ int parse_X (cfile, buf, max)
	48	skip_to_semi (cfile);
	49	return 0;
	50	}
	51	- convert_num (cfile, &buf [len], val, 16, 8);
	52	- if (len++ > max) {
	53	+ if (len >= max) {
	54	parse_warn (cfile,
	55	"hexadecimal constant too long.");
	56	skip_to_semi (cfile);
	57	return 0;
	58	}
	59	+ convert_num (cfile, &buf [len], val, 16, 8);
	60	+ len++;
	61	token = peek_token (&val, (unsigned *)0, cfile);
	62	if (token == COLON)
	63	token = next_token (&val,
	64	--
	65	2.17.1
	66