dnsmasq: 2.92rel2 -> 2.93

Dropping the patch for CVE-2026-6507 since it has been fixed in this
tag.

(cherry picked from commit 5efefac4ae)
This commit is contained in:
Gliczy 2026-06-14 10:41:32 +02:00 committed by github-actions[bot]
commit d3853b6fb9
2 changed files with 2 additions and 35 deletions

View file

@ -1,28 +0,0 @@
From 9ad74926d4f7f34ff902e1db5235535aa813c33f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 6 Apr 2026 22:22:43 +0100
Subject: [PATCH] Fix 1-byte buffer overflow in relay_reply4()
Potential SIGSEGV when using DHCPv4-relay.
Thanks to Asim Viladi Oglu Manizada for finding this.
---
src/rfc2131.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rfc2131.c b/src/rfc2131.c
index 7bdfefd..55aad03 100644
--- a/src/rfc2131.c
+++ b/src/rfc2131.c
@@ -3248,7 +3248,7 @@ unsigned int relay_reply4(struct dhcp_packet *mess, size_t sz, char *arrival_int
/* delete agent info before return RFC 3046 para 2.1 */
*opt = OPTION_END;
- memset(opt + 1, 0, option_len(opt) + 2);
+ memset(opt + 1, 0, option_len(opt) + 1);
}
}
else if (mess->giaddr.s_addr == relay->local.addr4.s_addr)
--
2.20.1

View file

@ -30,18 +30,13 @@ let
in
stdenv.mkDerivation (finalAttrs: {
pname = "dnsmasq";
version = "2.92rel2";
version = "2.93";
src = fetchurl {
url = "https://www.thekelleys.org.uk/dnsmasq/dnsmasq-${finalAttrs.version}.tar.xz";
hash = "sha256-Q9crjBKb3zPRe6/tyYgj9j5GtQBRKAZr8NKkcqMs4Go=";
hash = "sha256-DADU5cl8gwbl+5MrNIs0JpycKaDn3w6OgpWLQHCSvBk=";
};
patches = [
# https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=9ad74926d4f7f34ff902e1db5235535aa813c33f
./CVE-2026-6507.patch
];
postPatch = lib.optionalString stdenv.hostPlatform.isLinux ''
sed '1i#include <linux/sockios.h>' -i src/dhcp.c
'';