dnsmasq: upgrade 2.86 -> 2.87

License-Update : format of License file changed. CVE-2022-0934.patch deleted since it's included in 2.87. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: wangmy <wangmy@fujitsu.com> 2022-09-27 16:21:20 +0800
committer: Khem Raj <raj.khem@gmail.com> 2022-09-27 10:04:35 -0700
commit: 79ed6782a66590d769a516d8b4c15a4330bf7515 (patch)
tree: 3027ad8e0ef6b905a889bd51f45b53ccce11cca4
parent: c58be76cbf3a84342c273babf048b60c94a882af (diff)
download: meta-openembedded-79ed6782a66590d769a516d8b4c15a4330bf7515.tar.gz
4 files changed, 10 insertions, 201 deletions
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc
index 136c65d8fd..a8ff21a125 100644
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc
+++ b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc
@@ -3,8 +3,9 @@ HOMEPAGE = "http://www.thekelleys.org.uk/dnsmasq/doc.html"
 SECTION = "net"
 # GPLv3 was added in version 2.41 as license option
 LICENSE = "GPL-2.0-only | GPL-3.0-only"
-LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-                    file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504"
+                    file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504 \
+                    "
 #at least versions 2.69 and prior are moved to the archive folder on the server
 SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getVar('PV').split('.')[1]) > 69]}dnsmasq-${PV}.tar.gz;name=dnsmasq-${PV} \
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch b/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch
deleted file mode 100644
index 6bd734d756..0000000000
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-From 3cdecc159e0f417a2f8d43d99632af26beea630f Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 31 Mar 2022 21:35:20 +0100
-Subject: [PATCH] Fix write-after-free error in DHCPv6 code. CVE-2022-0934
- refers.
-CVE: CVE-2022-0934
-Upstream-Status: Backport
-[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe]
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- CHANGELOG     |  3 +++
- src/rfc3315.c | 48 +++++++++++++++++++++++++++---------------------
- 2 files changed, 30 insertions(+), 21 deletions(-)
-diff --git a/CHANGELOG b/CHANGELOG
-index 5e54df9..a28da2a 100644
--- a/CHANGELOG
-+++ b/CHANGELOG
-@@ -1,4 +1,7 @@
- version 2.86
-+       Fix write-after-free error in DHCPv6 server code.
-+       CVE-2022-0934 refers.
-+
-        Handle DHCPREBIND requests in the DHCPv6 server code.
-        Thanks to Aichun Li for spotting this omission, and the initial
-        patch.
-diff --git a/src/rfc3315.c b/src/rfc3315.c
-index 5c2ff97..6ecfeeb 100644
--- a/src/rfc3315.c
-+++ b/src/rfc3315.c
-@@ -33,9 +33,9 @@ struct state {
-   unsigned int mac_len, mac_type;
- };
- 
-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, 
-+static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, 
-                             struct in6_addr *client_addr, int is_unicast, time_t now);
-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now);
-+static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now);
- static void log6_opts(int nest, unsigned int xid, void *start_opts, void *end_opts);
- static void log6_packet(struct state *state, char *type, struct in6_addr *addr, char *string);
- static void log6_quiet(struct state *state, char *type, struct in6_addr *addr, char *string);
-@@ -104,12 +104,12 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if
- }
- 
- /* This cost me blood to write, it will probably cost you blood to understand - srk. */
-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, 
-+static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, 
-                             struct in6_addr *client_addr, int is_unicast, time_t now)
- {
-   void *end = inbuff + sz;
-   void *opts = inbuff + 34;
-  int msg_type = *((unsigned char *)inbuff);
-+  int msg_type = *inbuff;
-   unsigned char *outmsgtypep;
-   void *opt;
-   struct dhcp_vendor *vendor;
-@@ -259,15 +259,15 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
-   return 1;
- }
- 
-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now)
-+static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now)
- {
-   void *opt;
-  int i, o, o1, start_opts;
-+  int i, o, o1, start_opts, start_msg;
-   struct dhcp_opt *opt_cfg;
-   struct dhcp_netid *tagif;
-   struct dhcp_config *config = NULL;
-   struct dhcp_netid known_id, iface_id, v6_id;
-  unsigned char *outmsgtypep;
-+  unsigned char outmsgtype;
-   struct dhcp_vendor *vendor;
-   struct dhcp_context *context_tmp;
-   struct dhcp_mac *mac_opt;
-@@ -296,12 +296,13 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-   v6_id.next = state->tags;
-   state->tags = &v6_id;
- 
-  /* copy over transaction-id, and save pointer to message type */
-  if (!(outmsgtypep = put_opt6(inbuff, 4)))
-+  start_msg = save_counter(-1);
-+  /* copy over transaction-id */
-+  if (!put_opt6(inbuff, 4))
-     return 0;
-   start_opts = save_counter(-1);
-  state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16;
-   
-+  state->xid = inbuff[3] | inbuff[2] << 8 | inbuff[1] << 16;
-+    
-   /* We're going to be linking tags from all context we use. 
-      mark them as unused so we don't link one twice and break the list */
-   for (context_tmp = state->context; context_tmp; context_tmp = context_tmp->current)
-@@ -347,7 +348,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-       (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE))
-     
-     {  
-      *outmsgtypep = DHCP6REPLY;
-+      outmsgtype = DHCP6REPLY;
-       o1 = new_opt6(OPTION6_STATUS_CODE);
-       put_opt6_short(DHCP6USEMULTI);
-       put_opt6_string("Use multicast");
-@@ -619,11 +620,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-        struct dhcp_netid *solicit_tags;
-        struct dhcp_context *c;
-        
-       *outmsgtypep = DHCP6ADVERTISE;
-+       outmsgtype = DHCP6ADVERTISE;
-        
-        if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0))
-          {
-           *outmsgtypep = DHCP6REPLY;
-+           outmsgtype = DHCP6REPLY;
-            state->lease_allocate = 1;
-            o = new_opt6(OPTION6_RAPID_COMMIT);
-            end_opt6(o);
-@@ -809,7 +810,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-        int start = save_counter(-1);
- 
-        /* set reply message type */
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
-        state->lease_allocate = 1;
- 
-        log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL);
-@@ -924,7 +925,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-        int address_assigned = 0;
- 
-        /* set reply message type */
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
-        
-        log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL);
- 
-@@ -1057,7 +1058,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-        int good_addr = 0;
- 
-        /* set reply message type */
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
-        
-        log6_quiet(state, "DHCPCONFIRM", NULL, NULL);
-        
-@@ -1121,7 +1122,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-        log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? _("ignored") : state->hostname);
-        if (ignore)
-          return 0;
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
-        tagif = add_options(state, 1);
-        break;
-       }
-@@ -1130,7 +1131,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-     case DHCP6RELEASE:
-       {
-        /* set reply message type */
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
- 
-        log6_quiet(state, "DHCPRELEASE", NULL, NULL);
- 
-@@ -1195,7 +1196,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-     case DHCP6DECLINE:
-       {
-        /* set reply message type */
-       *outmsgtypep = DHCP6REPLY;
-+       outmsgtype = DHCP6REPLY;
-        
-        log6_quiet(state, "DHCPDECLINE", NULL, NULL);
- 
-@@ -1275,7 +1276,12 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
-       }
- 
-     }
-  
-+
-+  /* Fill in the message type. Note that we store the offset,
-+     not a direct pointer, since the packet memory may have been 
-+     reallocated. */
-+  ((unsigned char *)(daemon->outpacket.iov_base))[start_msg] = outmsgtype;
-+
-   log_tags(tagif, state->xid);
-   log6_opts(0, state->xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1));
-   
-- 
-2.25.1
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb
deleted file mode 100644
index 0f7880ce8c..0000000000
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require dnsmasq.inc
-SRC_URI[dnsmasq-2.86.sha256sum] = "ef15f608a83ee2b1d1d2c1f11d089a7e0ac401ffb0991de73fc01ce5f290e512"
-SRC_URI += "\
-    file://lua.patch \
-    file://CVE-2022-0934.patch \
-"
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb
new file mode 100644
index 0000000000..793b61d712
--- /dev/null
+++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb
@@ -0,0 +1,7 @@
+require dnsmasq.inc
+SRC_URI[dnsmasq-2.87.sha256sum] = "ae39bffde9c37e4d64849b528afeb060be6bad6d1044a3bd94a49fce41357284"
+SRC_URI += "\
+    file://lua.patch \
+"
author	wangmy <wangmy@fujitsu.com>	2022-09-27 16:21:20 +0800
committer	Khem Raj <raj.khem@gmail.com>	2022-09-27 10:04:35 -0700
commit	79ed6782a66590d769a516d8b4c15a4330bf7515 (patch)
tree	3027ad8e0ef6b905a889bd51f45b53ccce11cca4
parent	c58be76cbf3a84342c273babf048b60c94a882af (diff)
download	meta-openembedded-79ed6782a66590d769a516d8b4c15a4330bf7515.tar.gz

diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc index 136c65d8fd..a8ff21a125 100644 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc
@@ -3,8 +3,9 @@ HOMEPAGE = "http://www.thekelleys.org.uk/dnsmasq/doc.html"
3	SECTION = "net"	3	SECTION = "net"
4	# GPLv3 was added in version 2.41 as license option	4	# GPLv3 was added in version 2.41 as license option
5	LICENSE = "GPL-2.0-only \| GPL-3.0-only"	5	LICENSE = "GPL-2.0-only \| GPL-3.0-only"
6	LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \	6	LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
7	file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504"	7	file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504 \
		8	"
8		9
9	#at least versions 2.69 and prior are moved to the archive folder on the server	10	#at least versions 2.69 and prior are moved to the archive folder on the server
10	SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getVar('PV').split('.')[1]) > 69]}dnsmasq-${PV}.tar.gz;name=dnsmasq-${PV} \	11	SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getVar('PV').split('.')[1]) > 69]}dnsmasq-${PV}.tar.gz;name=dnsmasq-${PV} \


diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch b/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch deleted file mode 100644 index 6bd734d756..0000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch +++ /dev/null
@@ -1,191 +0,0 @@
1	From 3cdecc159e0f417a2f8d43d99632af26beea630f Mon Sep 17 00:00:00 2001
2	From: Simon Kelley <simon@thekelleys.org.uk>
3	Date: Thu, 31 Mar 2022 21:35:20 +0100
4	Subject: [PATCH] Fix write-after-free error in DHCPv6 code. CVE-2022-0934
5	refers.
6
7	CVE: CVE-2022-0934
8
9	Upstream-Status: Backport
10	[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe]
11
12	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
13	---
14	CHANGELOG \| 3 +++
15	src/rfc3315.c \| 48 +++++++++++++++++++++++++++---------------------
16	2 files changed, 30 insertions(+), 21 deletions(-)
17
18	diff --git a/CHANGELOG b/CHANGELOG
19	index 5e54df9..a28da2a 100644
20	--- a/CHANGELOG
21	+++ b/CHANGELOG
22	@@ -1,4 +1,7 @@
23	version 2.86
24	+ Fix write-after-free error in DHCPv6 server code.
25	+ CVE-2022-0934 refers.
26	+
27	Handle DHCPREBIND requests in the DHCPv6 server code.
28	Thanks to Aichun Li for spotting this omission, and the initial
29	patch.
30	diff --git a/src/rfc3315.c b/src/rfc3315.c
31	index 5c2ff97..6ecfeeb 100644
32	--- a/src/rfc3315.c
33	+++ b/src/rfc3315.c
34	@@ -33,9 +33,9 @@ struct state {
35	unsigned int mac_len, mac_type;
36	};
37
38	-static int dhcp6_maybe_relay(struct state state, void inbuff, size_t sz,
39	+static int dhcp6_maybe_relay(struct state state, unsigned char inbuff, size_t sz,
40	struct in6_addr *client_addr, int is_unicast, time_t now);
41	-static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_t sz, int is_unicast, time_t now);
42	+static int dhcp6_no_relay(struct state state, int msg_type, unsigned char inbuff, size_t sz, int is_unicast, time_t now);
43	static void log6_opts(int nest, unsigned int xid, void start_opts, void end_opts);
44	static void log6_packet(struct state state, char type, struct in6_addr addr, char string);
45	static void log6_quiet(struct state state, char type, struct in6_addr addr, char string);
46	@@ -104,12 +104,12 @@ unsigned short dhcp6_reply(struct dhcp_context context, int interface, char if
47	}
48
49	/* This cost me blood to write, it will probably cost you blood to understand - srk. */
50	-static int dhcp6_maybe_relay(struct state state, void inbuff, size_t sz,
51	+static int dhcp6_maybe_relay(struct state state, unsigned char inbuff, size_t sz,
52	struct in6_addr *client_addr, int is_unicast, time_t now)
53	{
54	void *end = inbuff + sz;
55	void *opts = inbuff + 34;
56	- int msg_type = ((unsigned char )inbuff);
57	+ int msg_type = *inbuff;
58	unsigned char *outmsgtypep;
59	void *opt;
60	struct dhcp_vendor *vendor;
61	@@ -259,15 +259,15 @@ static int dhcp6_maybe_relay(struct state state, void inbuff, size_t sz,
62	return 1;
63	}
64
65	-static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_t sz, int is_unicast, time_t now)
66	+static int dhcp6_no_relay(struct state state, int msg_type, unsigned char inbuff, size_t sz, int is_unicast, time_t now)
67	{
68	void *opt;
69	- int i, o, o1, start_opts;
70	+ int i, o, o1, start_opts, start_msg;
71	struct dhcp_opt *opt_cfg;
72	struct dhcp_netid *tagif;
73	struct dhcp_config *config = NULL;
74	struct dhcp_netid known_id, iface_id, v6_id;
75	- unsigned char *outmsgtypep;
76	+ unsigned char outmsgtype;
77	struct dhcp_vendor *vendor;
78	struct dhcp_context *context_tmp;
79	struct dhcp_mac *mac_opt;
80	@@ -296,12 +296,13 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
81	v6_id.next = state->tags;
82	state->tags = &v6_id;
83
84	- /* copy over transaction-id, and save pointer to message type */
85	- if (!(outmsgtypep = put_opt6(inbuff, 4)))
86	+ start_msg = save_counter(-1);
87	+ /* copy over transaction-id */
88	+ if (!put_opt6(inbuff, 4))
89	return 0;
90	start_opts = save_counter(-1);
91	- state->xid = outmsgtypep[3] \| outmsgtypep[2] << 8 \| outmsgtypep[1] << 16;
92	-
93	+ state->xid = inbuff[3] \| inbuff[2] << 8 \| inbuff[1] << 16;
94	+
95	/* We're going to be linking tags from all context we use.
96	mark them as unused so we don't link one twice and break the list */
97	for (context_tmp = state->context; context_tmp; context_tmp = context_tmp->current)
98	@@ -347,7 +348,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
99	(msg_type == DHCP6REQUEST \|\| msg_type == DHCP6RENEW \|\| msg_type == DHCP6RELEASE \|\| msg_type == DHCP6DECLINE))
100
101	{
102	- *outmsgtypep = DHCP6REPLY;
103	+ outmsgtype = DHCP6REPLY;
104	o1 = new_opt6(OPTION6_STATUS_CODE);
105	put_opt6_short(DHCP6USEMULTI);
106	put_opt6_string("Use multicast");
107	@@ -619,11 +620,11 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
108	struct dhcp_netid *solicit_tags;
109	struct dhcp_context *c;
110
111	- *outmsgtypep = DHCP6ADVERTISE;
112	+ outmsgtype = DHCP6ADVERTISE;
113
114	if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0))
115	{
116	- *outmsgtypep = DHCP6REPLY;
117	+ outmsgtype = DHCP6REPLY;
118	state->lease_allocate = 1;
119	o = new_opt6(OPTION6_RAPID_COMMIT);
120	end_opt6(o);
121	@@ -809,7 +810,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
122	int start = save_counter(-1);
123
124	/* set reply message type */
125	- *outmsgtypep = DHCP6REPLY;
126	+ outmsgtype = DHCP6REPLY;
127	state->lease_allocate = 1;
128
129	log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL);
130	@@ -924,7 +925,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
131	int address_assigned = 0;
132
133	/* set reply message type */
134	- *outmsgtypep = DHCP6REPLY;
135	+ outmsgtype = DHCP6REPLY;
136
137	log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL);
138
139	@@ -1057,7 +1058,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
140	int good_addr = 0;
141
142	/* set reply message type */
143	- *outmsgtypep = DHCP6REPLY;
144	+ outmsgtype = DHCP6REPLY;
145
146	log6_quiet(state, "DHCPCONFIRM", NULL, NULL);
147
148	@@ -1121,7 +1122,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
149	log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? _("ignored") : state->hostname);
150	if (ignore)
151	return 0;
152	- *outmsgtypep = DHCP6REPLY;
153	+ outmsgtype = DHCP6REPLY;
154	tagif = add_options(state, 1);
155	break;
156	}
157	@@ -1130,7 +1131,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
158	case DHCP6RELEASE:
159	{
160	/* set reply message type */
161	- *outmsgtypep = DHCP6REPLY;
162	+ outmsgtype = DHCP6REPLY;
163
164	log6_quiet(state, "DHCPRELEASE", NULL, NULL);
165
166	@@ -1195,7 +1196,7 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
167	case DHCP6DECLINE:
168	{
169	/* set reply message type */
170	- *outmsgtypep = DHCP6REPLY;
171	+ outmsgtype = DHCP6REPLY;
172
173	log6_quiet(state, "DHCPDECLINE", NULL, NULL);
174
175	@@ -1275,7 +1276,12 @@ static int dhcp6_no_relay(struct state state, int msg_type, void inbuff, size_
176	}
177
178	}
179	-
180	+
181	+ /* Fill in the message type. Note that we store the offset,
182	+ not a direct pointer, since the packet memory may have been
183	+ reallocated. */
184	+ ((unsigned char *)(daemon->outpacket.iov_base))[start_msg] = outmsgtype;
185	+
186	log_tags(tagif, state->xid);
187	log6_opts(0, state->xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1));
188
189	--
190	2.25.1
191


diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb deleted file mode 100644 index 0f7880ce8c..0000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb +++ /dev/null
@@ -1,8 +0,0 @@
1	require dnsmasq.inc
2
3	SRC_URI[dnsmasq-2.86.sha256sum] = "ef15f608a83ee2b1d1d2c1f11d089a7e0ac401ffb0991de73fc01ce5f290e512"
4	SRC_URI += "\
5	file://lua.patch \
6	file://CVE-2022-0934.patch \
7	"
8


diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb new file mode 100644 index 0000000000..793b61d712 --- /dev/null +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb
@@ -0,0 +1,7 @@
		1	require dnsmasq.inc
		2
		3	SRC_URI[dnsmasq-2.87.sha256sum] = "ae39bffde9c37e4d64849b528afeb060be6bad6d1044a3bd94a49fce41357284"
		4	SRC_URI += "\
		5	file://lua.patch \
		6	"
		7