Ubuntu
isc-dhcp package

Change log for isc-dhcp package in Ubuntu

175 of 222 results FirstPreviousLast
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
isc-dhcp (4.4.3-P1-4ubuntu2) noble; urgency=high

  * No change rebuild against frame pointers and time_t.

 -- Julian Andres Klode <email address hidden>  Mon, 22 Apr 2024 12:43:04 +0200
Superseded in noble-release
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
isc-dhcp (4.4.3-P1-4ubuntu1) noble; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - Ubuntu patches:
      + Give-an-example-for-subnet-mask-in-dhcpd.conf.patch
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + Add InfiniBand support:
        - dhcp-lpf-ib.patch
        - dhcp-improved-xid.patch
        - dhcp-gpxe-cid.patch
        - dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
      + dhclient-write-pidfile-earlier.patch: Write pidfile before informing
        parent of success.
      + bind-outdated-config.guess.patch: run autoreconf in the bind directory.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add enforcing AppArmor profile for DHCP client and server
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Separate default file for isc-dhcp-relay6.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Sanitize environment in dhclient-script.linux.
    - Add systemd units for -server and -relay.
      + If /etc/ltsp/dhcpd.conf exists, use that instead of
        /etc/dhcp/dhcpd.conf.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - ipv6: wait for duplicate address detection to finish. LP #1633479
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - Stop building the udeb on request.
    - debian/rules: Build with -O2 instead on -O3 on ppc64el
    - debian/rules: build with -fno-strict-aliasing.
    - Disable make_resolv_conf() if systemd-resolved is in use.
    - debian/control: add Pre-Depends: ${misc:Pre-Depends} for
      init-system-helpers.
    - debian/apparmor/sbin.dhclient: Allow disabling dhclient hooks.
    - Do not build with DH_VERBOSE=1
  * Dropped changes, included in Debian:
    - Ship keama, the KEA Migration Assistant in a new isc-dhcp-keama binary
      package. (LP: #2020086)
  * Refresh patches (using gbp pq)
  * debian/control: Drop libcap-dev build dependency (no change in diffoscope).
  * Use /run/dhcp-server6 for isc-dhcp-server6 service.
    Thanks to Jason Penney (LP: #1543799)
  * debian/rfc3442-classless-routes.linux: Use configured metric.
    Thanks to Tom Carroll (LP: #1664352)
  * autopkgtest: Use setup logic from isc-dhcp-server.service
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
isc-dhcp (4.4.3-P1-2ubuntu5) mantic; urgency=medium

  * Remove initramfs-tools integration from isc-dhcp-client.
    initramfs-tools >= 0.142ubuntu9 uses dhcpcd instead of dhclient.
    (LP: #2024164)
  * autopkgtest: Ensure that /var/lib/dhcp/dhcpd.leases is present

 -- Benjamin Drung <email address hidden>  Tue, 05 Sep 2023 12:55:20 +0200
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
isc-dhcp (4.4.3-P1-2ubuntu4) mantic; urgency=medium

  * Restore execution bits of files in debian/ from previous upload
  * Do not build with DH_VERBOSE=1

 -- Benjamin Drung <email address hidden>  Fri, 16 Jun 2023 12:44:01 +0200
Superseded in mantic-proposed 
isc-dhcp (4.4.3-P1-2ubuntu3) mantic; urgency=medium

  * debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config:
    - Do not merge DNS domain into DOMAINSEARCH to match ipconfig's behavior
    - add filename and DHCPLEASETIME variables
    - match order of entries with ipconfig's order

 -- Benjamin Drung <email address hidden>  Wed, 14 Jun 2023 12:59:49 +0200
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
isc-dhcp (4.4.3-P1-2ubuntu2) mantic; urgency=medium

  * Ship keama, the KEA Migration Assistant in a new isc-dhcp-keama binary
    package. (LP: #2020086)

 -- Athos Ribeiro <email address hidden>  Thu, 18 May 2023 21:30:57 -0300
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
isc-dhcp (4.4.3-P1-2ubuntu1) mantic; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Write pidfile before informing parent of success.
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
    /proc/*/task/*/comm (LP #1870729)
    - debian/rules: build with -fno-strict-aliasing.
    - debian/rules: Build with -O2 instead on -O3 on ppc64el
    - Fix env variable for INTERFACES
      + d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
        variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
        respective services file.
    - Stop building the udeb on request.
    - debian/resolved: chown $statedir to systemd-resolve
    - Disable make_resolv_conf() if systemd-resolved is in use.
    - Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in
      the initramfs.
    - debian/rules: update to use dh_installsystemd.
    - debian/control: add Pre-Depends: ${misc:Pre-Depends} for
      init-system-helpers.
    - drop shebang line from apport hooks; these are sourced not executed
      and /usr/bin/python as an interpreter just confuses things.
    - debian/isc-dhcp-server.postinst: dhcpd user home directory on new
      installs should be /run, not /var/run.  No handling of migration at this
      time.
    - debian/patches/bind-outdated-config.guess.patch: run autoreconf in
      the bind directory.
    - Reorder the initramfs hook so that all files end up in the right
      directories.
    - debian/apparmor/sbin.dhclient: Allow disabling dhclient hooks.
  * Dropped changes, included in Debian:
    - Apparmor profiles for dhclient and dhcpd.
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
isc-dhcp (4.4.3-P1-1ubuntu2) mantic; urgency=medium

  * debian/apparmor/sbin.dhclient: Allow disabling dhclient hooks. LP: #2011628

 -- Brett Holman <email address hidden>  Fri, 17 Mar 2023 15:38:35 -0600
Published in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.1ubuntu5.20.04.5) focal; urgency=medium

  [ Mauricio Faria de Oliveira ]
  * Prevent race condition that might ignore DHCP OFFERs/ACKs
    when dhclient receives DHCP traffic noise. (LP: #1926139)
    The previous/racy behavior can be switched back on with
    the 'DHCP_FD_FLAGS_POKE=0' environment variable or
    the 'dhcp.fd_flags_poke=0' kernel cmdline option.
    - d/p/lp1926139-watch-socket-fd-later.patch: fix, switches.
    - d/apparmor/sbin.dhclient,usr.sbin.dhcpd: /proc/cmdline r.

  [ Steve Langasek ]
  * Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
    in the initramfs. (LP: #1937110)
    - d/initramfs-tools/share/hooks/zz-dhclient: copy_exec it.

 -- Mauricio Faria de Oliveira <email address hidden>  Tue, 31 Jan 2023 19:10:35 -0300
Published in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.3ubuntu2.4) jammy; urgency=medium

  [ Mauricio Faria de Oliveira ]
  * Prevent race condition that might ignore DHCP OFFERs/ACKs
    when dhclient receives DHCP traffic noise. (LP: #1926139)
    The previous/racy behavior can be switched back on with
    the 'DHCP_FD_FLAGS_POKE=0' environment variable or
    the 'dhcp.fd_flags_poke=0' kernel cmdline option.
    - d/p/lp1926139-watch-socket-fd-later.patch: fix, switches.
    - d/apparmor/sbin.dhclient,usr.sbin.dhcpd: /proc/cmdline r.

  [ Steve Langasek ]
  * Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
    in the initramfs. (LP: #1937110)
    - d/initramfs-tools/share/hooks/zz-dhclient: copy_exec it.

 -- Mauricio Faria de Oliveira <email address hidden>  Tue, 31 Jan 2023 18:54:40 -0300
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
isc-dhcp (4.4.3-P1-1ubuntu1) lunar; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Write pidfile before informing parent of success.
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
    /proc/*/task/*/comm (LP #1870729)
    - debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
    (LP #1850820)
    - debian/rules: build with -fno-strict-aliasing.
    - debian/rules: Build with -O2 instead on -O3 on ppc64el
    - Fix env variable for INTERFACES
      + d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
        variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
        respective services file.
    - Stop building the udeb on request.
    - debian/resolved: chown $statedir to systemd-resolve
    - d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors
    - Disable make_resolv_conf() if systemd-resolved is in use.
    - Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in
      the initramfs.
    - debian/rules: update to use dh_installsystemd.
    - debian/control: add Pre-Depends: ${misc:Pre-Depends} for
      init-system-helpers.
    - drop shebang line from apport hooks; these are sourced not executed
      and /usr/bin/python as an interpreter just confuses things.
    - debian/isc-dhcp-server.postinst: dhcpd user home directory on new
      installs should be /run, not /var/run.  No handling of migration at this
      time.
    - debian/patches/bind-outdated-config.guess.patch: run autoreconf in
      the bind directory.
    - Reorder the initramfs hook so that all files end up in the right
      directories.
  * Dropped patches, included upstream:
    - debian/patches/CVE-2022-2928.patch
    - debian/patches/CVE-2022-2929.patch
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.3-2ubuntu4) kinetic; urgency=medium

  * SECURITY UPDATE: option refcount overflow
    - debian/patches/CVE-2022-2928.patch: correct reference counts in
      common/options.c, common/tests/option_unittest.c.
    - CVE-2022-2928
  * SECURITY UPDATE: DHCP memory leak
    - debian/patches/CVE-2022-2929.patch: properly free memory when hitting
      errors in common/options.c.
    - CVE-2022-2929

 -- Marc Deslauriers <email address hidden>  Thu, 06 Oct 2022 10:15:25 -0400

Available diffs

Published in bionic-updates
Published in bionic-security 
isc-dhcp (4.3.5-3ubuntu7.4) bionic-security; urgency=medium

  * SECURITY UPDATE: option refcount overflow
    - debian/patches/CVE-2022-2928.patch: correct reference counts in
      common/options.c, common/tests/option_unittest.c.
    - CVE-2022-2928
  * SECURITY UPDATE: DHCP memory leak
    - debian/patches/CVE-2022-2929.patch: properly free memory when hitting
      errors in common/options.c.
    - CVE-2022-2929

 -- Marc Deslauriers <email address hidden>  Tue, 04 Oct 2022 09:38:12 -0400
Superseded in jammy-updates
Published in jammy-security 
isc-dhcp (4.4.1-2.3ubuntu2.3) jammy-security; urgency=medium

  * SECURITY UPDATE: option refcount overflow
    - debian/patches/CVE-2022-2928.patch: correct reference counts in
      common/options.c, common/tests/option_unittest.c.
    - CVE-2022-2928
  * SECURITY UPDATE: DHCP memory leak
    - debian/patches/CVE-2022-2929.patch: properly free memory when hitting
      errors in common/options.c.
    - CVE-2022-2929

 -- Marc Deslauriers <email address hidden>  Tue, 04 Oct 2022 08:27:08 -0400
Superseded in focal-updates
Published in focal-security 
isc-dhcp (4.4.1-2.1ubuntu5.20.04.4) focal-security; urgency=medium

  * SECURITY UPDATE: option refcount overflow
    - debian/patches/CVE-2022-2928.patch: correct reference counts in
      common/options.c, common/tests/option_unittest.c.
    - CVE-2022-2928
  * SECURITY UPDATE: DHCP memory leak
    - debian/patches/CVE-2022-2929.patch: properly free memory when hitting
      errors in common/options.c.
    - CVE-2022-2929

 -- Marc Deslauriers <email address hidden>  Tue, 04 Oct 2022 08:36:23 -0400
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.3-2ubuntu3) kinetic; urgency=medium

  * Reorder the initramfs hook so that all files end up in the right
    directories.

 -- Steve Langasek <email address hidden>  Tue, 16 Aug 2022 22:35:10 +0000
Superseded in kinetic-proposed 
isc-dhcp (4.4.3-2ubuntu2) kinetic; urgency=medium

  * debian/patches/bind-outdated-config.guess.patch: run autoreconf in
    the bind directory.

 -- Steve Langasek <email address hidden>  Sun, 14 Aug 2022 18:04:18 +0000

Available diffs

Superseded in kinetic-proposed 
isc-dhcp (4.4.3-2ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Write pidfile before informing parent of success.
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
    /proc/*/task/*/comm (LP #1870729)
    - debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
    (LP #1850820)
    - debian/rules: build with -fno-strict-aliasing.
    - debian/rules: Build with -O2 instead on -O3 on ppc64el
    - Fix env variable for INTERFACES
      + d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
        variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
        respective services file.
    - Stop building the udeb on request.
    - debian/resolved: chown $statedir to systemd-resolve
    - d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors
    - Disable make_resolv_conf() if systemd-resolved is in use.
    - Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in
      the initramfs.
  * Dropped changes, superseded in Debian:
    - Build-depend on debhelper (>= 9.20160709) for systemd support.
  * debian/patches/dhclient-safer-timeout,
    debian/patches/dhcp-4.2.4-dhclient-options-changed.patch,
    debian/patches/dhcp-gpxe-cid.patch,
    debian/patches/dhcp-improved-xid-correct-byte-order.patch,
    debian/patches/dhcp-improved-xid.patch, debian/patches/dhcp-lpf-ib.patch,
    debian/patches/multi-ip-addr-per-if: refresh.
  * debian/rules: update to use dh_installsystemd.
  * debian/control: add Pre-Depends: ${misc:Pre-Depends} for
    init-system-helpers.
  * drop shebang line from apport hooks; these are sourced not executed
    and /usr/bin/python as an interpreter just confuses things.
  * debian/isc-dhcp-server.postinst: dhcpd user home directory on new
    installs should be /run, not /var/run.  No handling of migration at this
    time.

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.1-2.3ubuntu6) kinetic; urgency=medium

  * Include /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes in the
    initramfs.  LP: #1937110.

 -- Steve Langasek <email address hidden>  Fri, 05 Aug 2022 23:58:14 +0000
Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.3ubuntu2.2) jammy; urgency=medium

  * Disable make_resolv_conf() if systemd-resolved is in use (LP: #1972029)
    This functionality was moved from systemd 246-2ubuntu1 (enter-hook) to
    isc-dhcp 4.4.1-2.1ubuntu7 (exit-hook). The part overriding
    make_resolv_conf() was dropped, but is needed to avoid it overriding
    /etc/resolv.conf, managed by sd-resolved (stub-resolv.conf).

 -- Lukas Märdian <email address hidden>  Tue, 19 Jul 2022 09:56:44 +0200
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.1-2.3ubuntu5) kinetic; urgency=medium

  * Disable make_resolv_conf() if systemd-resolved is in use (LP: #1972029)
    This functionality was moved from systemd 246-2ubuntu1 (enter-hook) to
    isc-dhcp 4.4.1-2.1ubuntu7 (exit-hook). The part overriding
    make_resolv_conf() was dropped, but is needed to avoid it overriding
    /etc/resolv.conf, managed by sd-resolved (stub-resolv.conf).

 -- Lukas Märdian <email address hidden>  Mon, 18 Jul 2022 15:50:13 +0200
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.1ubuntu5.20.04.3) focal; urgency=medium

  * d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors (LP: #1918410)

 -- Lukas Märdian <email address hidden>  Tue, 21 Jun 2022 12:44:45 +0200
Obsolete in impish-updates
Deleted in impish-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.3ubuntu1.1) impish; urgency=medium

  * d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors (LP: #1918410)

 -- Lukas Märdian <email address hidden>  Tue, 21 Jun 2022 12:42:51 +0200
Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.3ubuntu2.1) jammy; urgency=medium

  * d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors (LP: #1918410)

 -- Lukas Märdian <email address hidden>  Tue, 21 Jun 2022 12:39:11 +0200
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.1-2.3ubuntu4) kinetic; urgency=medium

  * d/apparmor/sbin.dhclient: fix apparmor="DENIED" errors (LP: #1918410)

 -- Lukas Märdian <email address hidden>  Tue, 21 Jun 2022 12:21:09 +0200
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
isc-dhcp (4.4.1-2.3ubuntu3) kinetic; urgency=medium

  * debian/resolved: chown $statedir to systemd-resolve (LP: #1896772)

 -- Lukas Märdian <email address hidden>  Thu, 05 May 2022 10:27:34 +0200
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
isc-dhcp (4.4.1-2.3ubuntu2) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode <email address hidden>  Thu, 24 Mar 2022 12:59:39 +0100
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
isc-dhcp (4.4.1-2.3ubuntu1) impish; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Build-depend on debhelper (>= 9.20160709) for systemd support.
    - Write pidfile before informing parent of success.
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
    /proc/*/task/*/comm (LP #1870729)
    - debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
    (LP #1850820)
    - debian/rules: build with -fno-strict-aliasing.
    - debian/rules: Build with -O2 instead on -O3 on ppc64el
    - Fix env variable for INTERFACES
      + d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
        variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
        respective services file.
    - Stop building the udeb on request.
  * Dropped Ubuntu changes:
    - debian/patches/CVE-2021-25217.patch, applied in Debian
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
isc-dhcp (4.4.1-2.2ubuntu9) impish; urgency=medium

  * No-change rebuild due to OpenLDAP soname bump.

 -- Sergio Durigan Junior <email address hidden>  Mon, 21 Jun 2021 17:49:00 -0400
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
isc-dhcp (4.4.1-2.2ubuntu8) impish; urgency=medium

  * Fix regression caused by rebuild with newer toolchain (LP: #1930917)
    - debian/rules: build with -fno-strict-aliasing.

 -- Marc Deslauriers <email address hidden>  Mon, 07 Jun 2021 08:25:03 -0400
Obsolete in hirsute-updates
Obsolete in hirsute-security 
isc-dhcp (4.4.1-2.2ubuntu6.2) hirsute-security; urgency=medium

  * Fix regression caused by rebuild with newer toolchain (LP: #1930917)
    - debian/rules: build with -fno-strict-aliasing.

 -- Marc Deslauriers <email address hidden>  Mon, 07 Jun 2021 08:08:56 -0400
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
isc-dhcp (4.4.1-2.2ubuntu7) impish; urgency=medium

  * SECURITY UPDATE: DoS via incorrect option information parsing
    - debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
    - CVE-2021-25217

 -- Marc Deslauriers <email address hidden>  Tue, 25 May 2021 06:45:17 -0400
Superseded in focal-updates
Superseded in focal-security 
isc-dhcp (4.4.1-2.1ubuntu5.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via incorrect option information parsing
    - debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
    - CVE-2021-25217

 -- Marc Deslauriers <email address hidden>  Tue, 25 May 2021 06:50:22 -0400
Superseded in bionic-updates
Superseded in bionic-security 
isc-dhcp (4.3.5-3ubuntu7.3) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via incorrect option information parsing
    - debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
    - CVE-2021-25217

 -- Marc Deslauriers <email address hidden>  Tue, 25 May 2021 06:50:53 -0400
Superseded in hirsute-updates
Superseded in hirsute-security 
isc-dhcp (4.4.1-2.2ubuntu6.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: DoS via incorrect option information parsing
    - debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
    - CVE-2021-25217

 -- Marc Deslauriers <email address hidden>  Tue, 25 May 2021 06:45:17 -0400
Obsolete in groovy-updates
Obsolete in groovy-security 
isc-dhcp (4.4.1-2.1ubuntu10.1) groovy-security; urgency=medium

  * SECURITY UPDATE: DoS via incorrect option information parsing
    - debian/patches/CVE-2021-25217.patch: fix parsing in common/parse.c.
    - CVE-2021-25217

 -- Marc Deslauriers <email address hidden>  Tue, 25 May 2021 06:49:59 -0400
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
isc-dhcp (4.3.5-3ubuntu7.2) bionic; urgency=medium

  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.

 -- Utkarsh Gupta <email address hidden>  Wed, 10 Mar 2021 19:57:51 +0530
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.1ubuntu5.20.04.1) focal; urgency=medium

  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.

 -- Utkarsh Gupta <email address hidden>  Tue, 09 Mar 2021 20:49:45 +0530
Superseded in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
isc-dhcp (4.4.1-2.1ubuntu10) groovy; urgency=medium

  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.

 -- Utkarsh Gupta <email address hidden>  Wed, 10 Mar 2021 20:04:04 +0530
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
isc-dhcp (4.4.1-2.2ubuntu6) hirsute; urgency=medium

  * d/rules: Build with -O2 instead on -O3 on ppc64el
    to work around network-manager's regression.

 -- Utkarsh Gupta <email address hidden>  Mon, 08 Mar 2021 16:37:18 +0530
Superseded in hirsute-proposed 
isc-dhcp (4.4.1-2.2ubuntu5) hirsute; urgency=medium

  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.

 -- Utkarsh Gupta <email address hidden>  Fri, 26 Feb 2021 18:57:38 +0530
Superseded in hirsute-proposed 
isc-dhcp (4.4.1-2.2ubuntu4) hirsute; urgency=medium

  * Stop building the udeb on request.

 -- Matthias Klose <email address hidden>  Mon, 22 Feb 2021 12:04:15 +0100
Superseded in hirsute-proposed 
isc-dhcp (4.4.1-2.2ubuntu3) hirsute; urgency=medium

  * No-change rebuild to drop the udeb package.

 -- Matthias Klose <email address hidden>  Mon, 22 Feb 2021 10:34:12 +0100
Superseded in hirsute-proposed 
isc-dhcp (4.4.1-2.2ubuntu2) hirsute; urgency=medium

  * No change rebuild with fixed ownership.

 -- Dimitri John Ledkov <email address hidden>  Tue, 16 Feb 2021 15:16:19 +0000
Superseded in hirsute-proposed 
isc-dhcp (4.4.1-2.2ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Build-depend on debhelper (>= 9.20160709) for systemd support.
    - Write pidfile before informing parent of success.
    - Ship dhcp exit hook to push DNS information to resolved. LP #1889068
    - debian/apparmor/usr.sbin.dhcpd: also allow r+w on /proc/*/comm and
    /proc/*/task/*/comm (LP #1870729)
    - debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
    (LP #1850820)
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu9) groovy; urgency=medium

  * Revert 4.4.1-2.1ubuntu8, network-manager autopkgtests regress on
    ppc64el.

 -- Dimitri John Ledkov <email address hidden>  Wed, 12 Aug 2020 10:33:55 +0100
Superseded in groovy-proposed 
isc-dhcp (4.4.1-2.1ubuntu8) groovy; urgency=medium

  * Fix building with gcc-10
    - debian/patches/Fixed_gcc_10_compilation_issues.patch:
      Fixed FTBFS when use gcc 10 compile making extern local_port,
      remote_port, dhcp_type_host variables, and eliminated memcpy string
      overflow error in client/dhclient.c, common/discover.c, relay/dhcrelay.c,
      server/mdb.c, and server/mdb6.c.
    - Revert previous changes to debian/rules, debian/control
      to use gcc-9.

 -- <email address hidden> (Leonidas S. Barbosa)  Fri, 07 Aug 2020 11:48:45 -0300
Superseded in groovy-proposed 
isc-dhcp (4.4.1-2.1ubuntu7) groovy; urgency=medium

  * Ship dhcp exit hook to push DNS information to resolved. LP: #1889068
  * Build with gcc-9, as isc-dhcp fails to build from source with gcc-10.

 -- Dimitri John Ledkov <email address hidden>  Mon, 27 Jul 2020 12:19:06 +0100
Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu6) groovy; urgency=medium

  * No-change rebuild for new bind 9.11.18 libs.

 -- Andreas Hasenack <email address hidden>  Mon, 18 May 2020 17:19:12 -0300
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu5) focal; urgency=medium

  * debian/apparmor/usr.sbin.dhcpd: also allow write on /proc/*/comm and
    /proc/*/task/*/comm (LP: #1870729)

 -- Jamie Strandboge <email address hidden>  Fri, 10 Apr 2020 17:21:12 +0000
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu4) focal; urgency=medium

  * debian/apparmor/usr.sbin.dhcpd: allow owner read on /proc/*/comm and
    /proc/*/task/*/comm (LP: #1870729)

 -- Jamie Strandboge <email address hidden>  Mon, 06 Apr 2020 21:58:35 +0000
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu3) focal; urgency=medium

  * debian/apparmor/sbin.dhclient: also properly confine /usr/sbin/dhclient
    (LP: #1850820)

 -- Marc Deslauriers <email address hidden>  Wed, 11 Mar 2020 09:16:03 -0400
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu2) focal; urgency=medium

  * No-change rebuild for new bind 9.11.16 libs.

 -- Andreas Hasenack <email address hidden>  Tue, 25 Feb 2020 17:36:58 -0300
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2.1ubuntu1) focal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
    - Apply patch from Alkis Georgopoulos to generate correct
      net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    - Build-depend on debhelper (>= 9.20160709) for systemd support.
    - Write pidfile before informing parent of success.
  * Dropped changes, no longer needed:
    - debian/patches/system-bind.patch: restore Ubuntu delta required for
      building with -Wl,--as-needed.
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
isc-dhcp (4.4.1-2ubuntu6) focal; urgency=medium

  * No-change rebuild for new bind 9.11.14 libs.

 -- Andreas Hasenack <email address hidden>  Wed, 15 Jan 2020 15:08:48 -0300

Available diffs

Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
isc-dhcp (4.4.1-2ubuntu5) eoan; urgency=medium

  * Apply patch from Alkis Georgopoulos to generate correct
    net{,6}-${iface}.conf files when DHCP supplies multiple DNS servers.
    (LP: #1840965).

 -- Michael Hudson-Doyle <email address hidden>  Tue, 03 Sep 2019 10:10:56 +1200

Available diffs

Obsolete in cosmic-updates
Obsolete in cosmic-security 
isc-dhcp (4.3.5-3ubuntu9.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: DoS via change in bind behaviour (LP: #1781699)
    - debian/patches/CVE-2019-6470.patch: use 0 instead of -1 to indicate
      empty heap index in includes/dhcpd.h, server/mdb6.c,
      server/tests/mdb6_unittest.c.
    - CVE-2019-6470

 -- Marc Deslauriers <email address hidden>  Mon, 06 May 2019 08:57:40 -0400
Superseded in bionic-updates
Superseded in bionic-security 
isc-dhcp (4.3.5-3ubuntu7.1) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via change in bind behaviour (LP: #1781699)
    - debian/patches/CVE-2019-6470.patch: use 0 instead of -1 to indicate
      empty heap index in includes/dhcpd.h, server/mdb6.c,
      server/tests/mdb6_unittest.c.
    - CVE-2019-6470

 -- Marc Deslauriers <email address hidden>  Mon, 06 May 2019 09:00:01 -0400
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
isc-dhcp (4.4.1-2ubuntu4) disco; urgency=medium

  * Write pidfile before informing parent of success. (LP: #1819747)

 -- Michael Hudson-Doyle <email address hidden>  Wed, 13 Mar 2019 14:26:56 +1300

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
isc-dhcp (4.4.1-2ubuntu3) disco; urgency=medium

  * Drop redundant calls to dh_installinit, we aren't installing extra init
    scripts and we aren't installing any upstart jobs.
  * Build-depend on debhelper (>= 9.20160709) instead of dh-systemd.

 -- Steve Langasek <email address hidden>  Mon, 11 Feb 2019 16:04:33 -0800
Superseded in disco-proposed 
isc-dhcp (4.4.1-2ubuntu2) disco; urgency=medium

  * debian/patches/system-bind.patch: restore Ubuntu delta required for
    building with -Wl,--as-needed.

 -- Steve Langasek <email address hidden>  Mon, 11 Feb 2019 15:21:32 -0800

Available diffs

Superseded in disco-proposed 
isc-dhcp (4.4.1-2ubuntu1) disco; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/control: Add libcap-dev build dependency.
    - Apparmor profiles for dhclient and dhcpd.
    - Apport hook for isc-dhcp-client and isc-dhcp-server.
    - Add systemd units for -server and -relay.
    - If /etc/ltsp/dhcpd.conf exists, use that instead of
      /etc/dhcp/dhcpd.conf.
    - Create user/group dhcpd and make isc-dhcp-server depend on adduser.
    - isc-dhcp-server: Suggest policycoreutils instead of recommending it.
    - Create /etc/dhcp/ddns-keys/ for DDNS updates.
    - Increase the timeout to 300 seconds for dhclient.conf (following the
      default added by dhclient-safer-timeout).
    - Sanitize environment in dhclient-script.linux.
    - add IPv6 initramfs support.
    - Separate default file for isc-dhcp-relay6.
    - Drop isc-dhcp-server/new_auth_behavior question from high to medium
    - dhclient-script.linux: handle empty case also when waiting for ipv6 link
      local DAD.
    - debian/initramfs-tools/lib/etc/dhcp/dhclient-enter-hooks.d/config: fix
      the logic for handling search domains to also write it to the output
      file when only the domain name is provided by the DHCP server. Copied
      code from debian/dhclient-script.linux.
    - Remaining Ubuntu patches:
      + dhclient-fix-backoff
      + revert-next-server
      + multi-ip-addr-per-if
      + dhclient-safer-timeout
      + onetry_retry_after_initial_success
      + dhcp-lpf-ib.patch
      + dhcp-improved-xid.patch
      + dhcp-gpxe-cid.patch
      + dhcp-improved-xid-correct-byte-order.patch
      + dhcp-4.2.4-dhclient-options-changed.patch
      + ubuntu-dhcpd-conf.patch
  * Dropped changes, included upstream:
    - debian/patches/CVE-2018-573x.patch
  * Dropped changes, included in Debian:
    - debian/patches/system-bind.patch
    - debian/patches/bind-includes.patch
  * Drop pre-bionic upstart migration.

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu10) disco; urgency=medium

  * d/p/bind-includes.patch: updated to build with bind 9.11.5. Taken from
    Debian bug #911975, thanks to Thorsten Alteholz <email address hidden>

 -- Andreas Hasenack <email address hidden>  Tue, 11 Dec 2018 16:39:25 -0200

Available diffs

Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu9) cosmic; urgency=medium

  * No change rebuild against new bind9 libs.

 -- Andreas Hasenack <email address hidden>  Wed, 01 Aug 2018 10:05:46 -0300

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu8) cosmic; urgency=medium

  * Adjust apparmor profile for usrmerge. LP: #1784023

 -- Dimitri John Ledkov <email address hidden>  Mon, 30 Jul 2018 14:30:57 +0100

Available diffs

Published in precise-updates
Published in precise-security 
isc-dhcp (4.1.ESV-R4-0ubuntu5.13) precise-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733

 -- <email address hidden> (Leonidas S. Barbosa)  Fri, 25 May 2018 11:32:13 -0300
Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu7) bionic; urgency=medium

  * bind-includes.patch: Copied from Debian to fix build with bind
    9.11.3.

 -- Timo Aaltonen <email address hidden>  Mon, 16 Apr 2018 13:40:34 +0300

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu6) bionic; urgency=medium

  * debian/apparmor/sbin.dhclient: drop 'capability sys_module' since we
    already have 'net_admin' and network module loading (which might happen via
    ip/ifconfig/etc) allowed with 'net_admin' (LP: #1759032)

 -- Jamie Strandboge <email address hidden>  Mon, 26 Mar 2018 21:00:32 +0000

Available diffs

Obsolete in artful-updates
Deleted in artful-proposed (Reason: moved to -updates) 
isc-dhcp (4.3.5-3ubuntu2.3) artful; urgency=medium

  * dhclient-script.linux: handle empty case also when waiting for ipv6 link
    local DAD. (LP: #1718568)

 -- Dan Streetman <email address hidden>  Fri, 02 Mar 2018 13:14:51 -0500
Published in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates) 
isc-dhcp (4.3.3-5ubuntu12.10) xenial; urgency=medium

  * dhclient-script.linux: handle empty case also when waiting for ipv6 link
    local DAD. (LP: #1718568)

 -- Dan Streetman <email address hidden>  Fri, 02 Mar 2018 13:16:05 -0500
Published in trusty-updates
Deleted in trusty-proposed (Reason: moved to -updates) 
isc-dhcp (4.2.4-7ubuntu12.13) trusty; urgency=medium

  * dhclient-script.linux: handle empty case also when waiting for ipv6 link
    local DAD. (LP: #1718568)

 -- Dan Streetman <email address hidden>  Fri, 02 Mar 2018 13:17:36 -0500
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
isc-dhcp (4.3.5-3ubuntu5) bionic; urgency=medium

  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c, add tests to common/tests/Makefile.am,
      common/tests/option_unittest.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733

 -- Marc Deslauriers <email address hidden>  Thu, 01 Mar 2018 07:48:09 -0500

Available diffs

Superseded in trusty-updates
Published in trusty-security 
isc-dhcp (4.2.4-7ubuntu12.12) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS via concurrent TCP sessions
    - debian/patches/CVE-2016-2774.patch: limit number of connections in
      includes/site.h, omapip/listener.c.
    - CVE-2016-2774
  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733
  * This package does _not_ contain the changes from 4.2.4-7ubuntu12.11 in
    trusty-proposed.

 -- Marc Deslauriers <email address hidden>  Thu, 01 Mar 2018 08:45:46 -0500
Superseded in xenial-updates
Published in xenial-security 
isc-dhcp (4.3.3-5ubuntu12.9) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via concurrent TCP sessions
    - debian/patches/CVE-2016-2774.patch: limit number of connections in
      includes/site.h, omapip/listener.c.
    - CVE-2016-2774
  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c, add tests to common/tests/Makefile.am,
      common/tests/option_unittest.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733
  * This package does _not_ contain the changes from 4.3.3-5ubuntu12.8 in
    xenial-proposed.

 -- Marc Deslauriers <email address hidden>  Thu, 01 Mar 2018 08:20:48 -0500
Superseded in artful-updates
Obsolete in artful-security 
isc-dhcp (4.3.5-3ubuntu2.2) artful-security; urgency=medium

  * SECURITY UPDATE: DoS via omapi
    - debian/patches/CVE-2018-573x.patch: fix socket descriptor leak in
      omapip/buffer.c, omapip/message.c.
    - CVE-2017-3144
  * SECURITY UPDATE: buffer overflow in dhclient
    - debian/patches/CVE-2018-573x.patch: check option data size in
      common/options.c, add tests to common/tests/Makefile.am,
      common/tests/option_unittest.c.
    - CVE-2018-5732
  * SECURITY UPDATE: reference counter overflow in dhcpd
    - debian/patches/CVE-2018-573x.patch: avoid overflow in
      common/options.c.
    - CVE-2018-5733
  * This package does _not_ contain the changes from 4.3.5-3ubuntu2.1 in
    artful-proposed.

 -- Marc Deslauriers <email address hidden>  Thu, 01 Mar 2018 08:16:21 -0500
175 of 222 results FirstPreviousLast