Debian Patches

Status for dhcpcd5/7.1.0-2

Patch Description Author Forwarded Bugs Origin Last update
Patch: 0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
Description: DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE

dhcpcd only checks that the prefix length of the exclusion
matches the prefix length of the ia and equals the length of the
data in the option.
This could potentially overrun the in6_addr structure.

This is fixed by enforcing RFC 6603 section 4.2 option limits
more clearly.

Thanks to Maxime Villard <max@m00nbsd.net> for finding this.

(cherry picked from commit c1ebeaafeb324bac997984abdcee2d4e8b61a8a8)

DHCPv6: Fix exclude prefix length check.

(cherry picked from commit 896ef4a54b0578985e5e1360b141593f1d62837b)

Author: Roy Marples <roy@marples.name>
Forwarded: no
Last update: 2019-05-03

Patch: 0001-Fix-typo-in-manpage.patch
Description: Fix typo in manpage
Author: Scott Leggett <scott@sl.id.au>
Forwarded: no
Last update: 2018-12-11

Patch: 0002-DHCPv6-Fix-a-potential-buffer-overflow-reading-NA-TA.patch
Description: DHCPv6: Fix a potential buffer overflow reading NA/TA addresses

Only copy up to the size of the address option rather than the
option length.

Found by Maxime Villard <max@m00nbsd.net>

(cherry picked from commit 8d11b33f6c60e2db257130fa383ba76b6018bcf6)

Author: Roy Marples <roy@marples.name>
Forwarded: no
Last update: 2019-04-19

Patch: 0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
Description: DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED

This fix basically moves the option length check up and also
corrects an off-by-one error with it.

Thanks to Maxime Villard <max@m00nbsd.net>

(cherry picked from commit 4b67f6f1038fd4ad5ca7734eaaeba1b2ec4816b8)

Author: Roy Marples <roy@marples.name>
Forwarded: no
Last update: 2019-04-19

Patch: 0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
Description: auth: Use consttime_memequal(3) to compare hashes

This stops any attacker from trying to infer secrets from latency.

Thanks to Maxime Villard <max@m00nbsd.net>

(cherry picked from commit 7121040790b611ca3fbc400a1bbcd4364ef57233)


Public domain version by Matthias Drochner <drochner@netbsd.org>

(cherry picked from commit cfde89ab66cb4e5957b1c4b68ad6a9449e2784da)

Really add consttime_memequal

(cherry picked from commit aee631aadeef4283c8a749c1caf77823304acf5e)

Author: Roy Marples <roy@marples.name>
Forwarded: no
Last update: 2019-04-19
