Security fix for CVE-2012-3570,CVE-2012-3571,CVE-2012-3954; patches for CVE-2011-2748,CVE-2749,CVE-2011-4539 dropped, but they already included in source code

.abf.yml

@@ -1,3 +1,3 @@
 sources:
-  "dhcp-4.2.1-P1.tar.gz": 7767019313b4128357054a1eb053c66799831dd6
+  "dhcp-4.2.4-P1.tar.gz": 0fe0f20b7be597d60e61951d2ccafe547d3bcec2
   "dhcp-dynamic-dns-examples.tar.bz2": d33980aad3e0380fc89f8346ab37786d39157696

dhcp-4.1.1-useless-wait.patch

@@ -1,17 +0,0 @@
---- client/dhclient.c	2010/04/28 19:13:43	1.1
-+++ client/dhclient.c	2010/04/28 19:17:01
-@@ -594,9 +594,12 @@
- 				else {
- 					client->state = S_INIT;
- 					/* Set up a timeout to start the
--					 * initialization process.
-+					 * initialization process,
-+					 * _immediately_, as agreed but never
-+					 * applied by the ISC upstream
-+	  https://lists.isc.org/mailman/htdig/dhcp-users/2006-June/thread.html#928
- 					 */
--					tv.tv_sec = cur_time + random() % 5;
-+					tv.tv_sec = cur_time - 1;
- 					tv.tv_usec = 0;
- 					add_timeout(&tv, state_reboot,
- 						    client, 0, 0);

dhcp-4.2.1-P1-CVE-2011-2748,2749.diff

@@ -1,59 +0,0 @@
-diff -Naurp dhcp-4.2.1-P1/common/discover.c dhcp-4.2.1-P1.oden/common/discover.c
---- dhcp-4.2.1-P1/common/discover.c	2011-08-18 12:58:40.883411562 +0200
-+++ dhcp-4.2.1-P1.oden/common/discover.c	2011-08-18 12:55:47.002338724 +0200
-@@ -1391,12 +1391,16 @@ isc_result_t got_one (h)
- 	if (result == 0)
- 		return ISC_R_UNEXPECTED;
- 
--	/* If we didn't at least get the fixed portion of the BOOTP
--	   packet, drop the packet.  We're allowing packets with no
--	   sname or filename, because we're aware of at least one
--	   client that sends such packets, but this definitely falls
--	   into the category of being forgiving. */
--	if (result < DHCP_FIXED_NON_UDP - DHCP_SNAME_LEN - DHCP_FILE_LEN)
-+	/*
-+	 * If we didn't at least get the fixed portion of the BOOTP
-+	 * packet, drop the packet.
-+	 * Previously we allowed packets with no sname or filename
-+	 * as we were aware of at least one client that did.  But
-+	 * a bug caused short packets to not work and nobody has
-+	 * complained, it seems rational to tighten up that
-+	 * restriction.
-+	 */
-+	if (result < DHCP_FIXED_NON_UDP)
- 		return ISC_R_UNEXPECTED;
- 
- 	if (bootp_packet_handler) {
-diff -Naurp dhcp-4.2.1-P1/common/options.c dhcp-4.2.1-P1.oden/common/options.c
---- dhcp-4.2.1-P1/common/options.c	2011-03-24 22:57:13.000000000 +0100
-+++ dhcp-4.2.1-P1.oden/common/options.c	2011-08-18 12:55:47.003338734 +0200
-@@ -592,8 +592,8 @@ cons_options(struct packet *inpacket, st
- 	} else if (bootpp) {
- 		mb_size = 64;
- 		if (inpacket != NULL &&
--		    (inpacket->packet_length - DHCP_FIXED_LEN >= 64))
--			mb_size = inpacket->packet_length - DHCP_FIXED_LEN;
-+		    (inpacket->packet_length >= 64 + DHCP_FIXED_NON_UDP))
-+			mb_size = inpacket->packet_length - DHCP_FIXED_NON_UDP;
- 	} else
- 		mb_size = DHCP_MIN_OPTION_LEN;
- 
-diff -Naurp dhcp-4.2.1-P1/server/dhcp.c dhcp-4.2.1-P1.oden/server/dhcp.c
---- dhcp-4.2.1-P1/server/dhcp.c	2010-09-09 08:52:37.000000000 +0200
-+++ dhcp-4.2.1-P1.oden/server/dhcp.c	2011-08-18 12:57:53.156117387 +0200
-@@ -2336,6 +2336,7 @@ void ack_lease (packet, lease, offer, wh
- 	 * giaddr.
- 	 */
- 	if (!packet->agent_options_stashed &&
-+	    (packet->options != NULL) &&
- 	    packet->options->universe_count > agent_universe.index &&
- 	    packet->options->universes[agent_universe.index] != NULL) {
- 	    oc = lookup_option (&server_universe, state -> options,
-@@ -4429,6 +4430,7 @@ maybe_return_agent_options(struct packet
- 	 * by the user into the new state, not just give up.
- 	 */
- 	if (!packet->agent_options_stashed &&
-+	    (packet->options != NULL) &&
- 	    packet->options->universe_count > agent_universe.index &&
- 	    packet->options->universes[agent_universe.index] != NULL &&
- 	    (options->universe_count <= agent_universe.index ||

dhcp-4.2.1-P1-CVE-2011-4539.diff

@@ -1,25 +0,0 @@
-diff -Naurp dhcp-4.2.1-P1/common/dhcp-eval.5 dhcp-4.2.1-P1.oden/common/dhcp-eval.5
---- dhcp-4.2.1-P1/common/dhcp-eval.5	2010-07-06 19:03:11.000000000 +0000
-+++ dhcp-4.2.1-P1.oden/common/dhcp-eval.5	2011-12-08 11:31:44.000000000 +0000
-@@ -133,8 +133,8 @@ extended regex(7) matching of the values
- true if \fIdata-expression-1\fR matches against the regular expression
- evaluated by \fIdata-expression-2\fR, or false if it does not match or
- encounters some error.  If either the left-hand side or the right-hand side 
--are null, the result is also false.  The \fB~~\fR operator differs from the
--\fB~=\fR operator in that it is case-insensitive.
-+are null or empty strings, the result is also false.  The \fB~~\fR operator
-+differs from the \fB~=\fR operator in that it is case-insensitive.
- .RE
- .PP
- .I boolean-expression-1 \fBand\fR \fIboolean-expression-2\fR
-diff -Naurp dhcp-4.2.1-P1/common/tree.c dhcp-4.2.1-P1.oden/common/tree.c
---- dhcp-4.2.1-P1/common/tree.c	2009-11-20 01:49:01.000000000 +0000
-+++ dhcp-4.2.1-P1.oden/common/tree.c	2011-12-08 11:31:38.000000000 +0000
-@@ -1120,6 +1120,7 @@ int evaluate_boolean_expression (result,
- 		*result = 0;
- 		memset(&re, 0, sizeof(re));
- 		if (bleft && bright &&
-+		    (left.data != NULL) && (right.data != NULL) &&
-         	    (regcomp(&re, (char *)right.data, regflags) == 0) &&
- 		    (regexec(&re, (char *)left.data, (size_t)0, NULL, 0) == 0))
- 				*result = 1;

dhcp-4.2.1-P1.tar.gz.sha512.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.9 (GNU/Linux)
-
-iQEVAwUATZoM/dgRtT8Le64AAQoHqQf/dRI18soyGYHZwP868cMk4mZsTThTPCul
-8WRfxQNjC93fRSrCeANdBeUOEjKnGbDyeAMS4gJHP4MnRywWDKvlKNjEhFNvoD4B
-bKRAXTsvYjR19IwMmbjwexI7XAUbD208FiNvynvvjfKbnkiDnb4bJMzea2y/RGYO
-RfNJm4SR4P4u4csuY9uG4CaD4z+3CZkCKX00l3oN3SHlkLfntPm/VUbpILtt77wQ
-KH/nYaiglyt+SkFEevDMjvW6+04ZQ//tDYuSIOK0LZJBrkspAOMW8lWProZPl2oX
-fOI+OLQHAavei1qber2A1Tqj1JC3BRftX6stuMbfTWGj4RYZmhHMNw==
-=cijx
------END PGP SIGNATURE-----

dhcp-4.2.2-fix-format-errors.patch

@@ -1,7 +1,7 @@
-diff -p -up dhcp-4.1.1/client/dhclient.c.not_a_string dhcp-4.1.1/client/dhclient.c
---- dhcp-4.1.1/client/dhclient.c.not_a_string	2010-01-07 19:47:40.000000000 -0200
-+++ dhcp-4.1.1/client/dhclient.c	2010-02-25 11:30:19.000000000 -0300
-@@ -381,9 +381,9 @@ main(int argc, char **argv) {
+diff -Naur -x '*.orig' dhcp-4.2.2/client/dhclient.c dhcp-4.2.2-fix-format-errors/client/dhclient.c
+--- dhcp-4.2.2/client/dhclient.c	2011-07-01 13:58:53.000000000 +0200
++++ dhcp-4.2.2-fix-format-errors/client/dhclient.c	2011-08-29 19:08:55.560183457 +0200
+@@ -420,9 +420,9 @@
  
  	if (!quiet) {
  		log_info("%s %s", message, PACKAGE_VERSION);
@@ -14,7 +14,7 @@ diff -p -up dhcp-4.1.1/client/dhclient.c.not_a_string dhcp-4.1.1/client/dhclient
  		log_info("%s", "");
  	} else {
  		log_perror = 0;
-@@ -647,9 +647,9 @@ main(int argc, char **argv) {
+@@ -701,9 +701,9 @@
  static void usage()
  {
  	log_info("%s %s", message, PACKAGE_VERSION);
@@ -25,12 +25,12 @@ diff -p -up dhcp-4.1.1/client/dhclient.c.not_a_string dhcp-4.1.1/client/dhclient
 +	log_info("%s", arr);
 +	log_info("%s", url);
  
- 	log_error("Usage: dhclient %s %s",
- #ifdef DHCPv6
-diff -p -up dhcp-4.1.1/relay/dhcrelay.c.not_a_string dhcp-4.1.1/relay/dhcrelay.c
---- dhcp-4.1.1/relay/dhcrelay.c.not_a_string	2010-01-07 19:48:02.000000000 -0200
-+++ dhcp-4.1.1/relay/dhcrelay.c	2010-02-25 11:30:22.000000000 -0300
-@@ -403,9 +403,9 @@ main(int argc, char **argv) {
+ 
+ 	log_fatal("Usage: dhclient "
+diff -Naur -x '*.orig' dhcp-4.2.2/relay/dhcrelay.c dhcp-4.2.2-fix-format-errors/relay/dhcrelay.c
+--- dhcp-4.2.2/relay/dhcrelay.c	2011-05-10 15:07:37.000000000 +0200
++++ dhcp-4.2.2-fix-format-errors/relay/dhcrelay.c	2011-08-29 19:08:55.561183444 +0200
+@@ -428,9 +428,9 @@
  
  	if (!quiet) {
  		log_info("%s %s", message, PACKAGE_VERSION);
@@ -43,10 +43,10 @@ diff -p -up dhcp-4.1.1/relay/dhcrelay.c.not_a_string dhcp-4.1.1/relay/dhcrelay.c
  	} else {
  		quiet = 0;
  		log_perror = 0;
-diff -p -up dhcp-4.1.1/server/dhcpd.c.not_a_string dhcp-4.1.1/server/dhcpd.c
---- dhcp-4.1.1/server/dhcpd.c.not_a_string	2010-02-25 11:29:56.000000000 -0300
-+++ dhcp-4.1.1/server/dhcpd.c	2010-02-25 11:30:22.000000000 -0300
-@@ -459,9 +459,9 @@ main(int argc, char **argv) {
+diff -Naur -x '*.orig' dhcp-4.2.2/server/dhcpd.c dhcp-4.2.2-fix-format-errors/server/dhcpd.c
+--- dhcp-4.2.2/server/dhcpd.c	2011-04-21 16:08:15.000000000 +0200
++++ dhcp-4.2.2-fix-format-errors/server/dhcpd.c	2011-08-29 19:08:55.563183419 +0200
+@@ -474,9 +474,9 @@
  
  	if (!quiet) {
  		log_info("%s %s", message, PACKAGE_VERSION);
@@ -59,7 +59,7 @@ diff -p -up dhcp-4.1.1/server/dhcpd.c.not_a_string dhcp-4.1.1/server/dhcpd.c
  	} else {
  		quiet = 0;
  		log_perror = 0;
-@@ -1061,9 +1061,9 @@ void postconf_initialization (int quiet)
+@@ -1096,9 +1096,9 @@
  					log_perror = 0;
  					log_info("%s %s",
  						 message, PACKAGE_VERSION);
@@ -72,7 +72,7 @@ diff -p -up dhcp-4.1.1/server/dhcpd.c.not_a_string dhcp-4.1.1/server/dhcpd.c
  					log_perror = tmp;
  				}
  			} else
-@@ -1170,8 +1170,8 @@ void postdb_startup (void)
+@@ -1205,8 +1205,8 @@
  static void
  usage(void) {
  	log_info("%s %s", message, PACKAGE_VERSION);

dhcp-4.2.2-ifup.patch

@@ -1,6 +1,6 @@
-diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
---- dhcp-4.1.1/client/scripts/linux.ifup	2009-04-21 11:21:09.000000000 -0300
-+++ dhcp-4.1.1/client/scripts/linux	2010-02-25 11:26:32.000000000 -0300
+diff -Naur -x '*~' -x '*.orig' -x '*.rej' dhcp-4.2.2/client/scripts/linux dhcp-4.2.2-ifup/client/scripts/linux
+--- dhcp-4.2.2/client/scripts/linux	2011-05-18 22:01:54.000000000 +0200
++++ dhcp-4.2.2-ifup/client/scripts/linux	2011-08-29 19:07:58.722894019 +0200
 @@ -1,8 +1,11 @@
  #!/bin/bash
 -# dhclient-script for Linux. Dan Halbert, March, 1997.
@@ -17,7 +17,7 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
  
  # Notes:
  
-@@ -26,35 +29,46 @@
+@@ -26,28 +29,35 @@
  ip=/sbin/ip
  
  make_resolv_conf() {
@@ -54,7 +54,7 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
    elif [ "x${new_dhcp6_name_servers}" != x ] ; then
 -    cat /dev/null > /etc/resolv.conf.dhclient6
 -    chmod 644 /etc/resolv.conf.dhclient6
- 
+-
 -    if [ "x${new_dhcp6_domain_search}" != x ] ; then
 -      echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
 +    if [ -n "$DOMAIN" ]; then
@@ -63,21 +63,25 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
 +    elif [ "x${new_dhcp6_domain_search}" != x ] ; then
 +      d="search ${new_dhcp6_domain_search}"
      fi
+     shopt -s nocasematch 
      for nameserver in ${new_dhcp6_name_servers} ; do
--      echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6
-+      ns="$ns"$'\n'"nameserver ${nameserver}"
+@@ -59,11 +69,13 @@
+       else
+ 	zone_id=
+       fi
+-      echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6
++      ns="$ns"$'\n'"nameserver ${nameserver}$zone_id"
      done
+     shopt -u nocasematch 
 +  fi
  
 -    mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
 +  if [ -n "$d" -o -n "$ns" ]; then
 +     change_resolv_conf "$d" "$ns"
    fi
-+
  }
  
- # Must be used on exit.   Invokes the local dhcp client exit hooks, if any.
-@@ -78,6 +92,25 @@ if [ -f /etc/dhclient-enter-hooks ]; the
+@@ -88,6 +100,25 @@
    fi
  fi
  
@@ -103,7 +107,7 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
  ###
  ### DHCPv4 Handlers
  ###
-@@ -128,15 +161,6 @@ fi
+@@ -138,15 +169,6 @@
    
  if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \
     [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then
@@ -119,7 +123,7 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
      
    if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \
  		[ x$alias_ip_address != x$old_ip_address ]; then
-@@ -155,12 +179,14 @@ if [ x$reason = xBOUND ] || [ x$reason =
+@@ -165,12 +187,14 @@
      ifconfig $interface inet $new_ip_address $new_subnet_arg \
  					$new_broadcast_arg $mtu_arg
      # Add a network route to the computed network address.
@@ -131,10 +135,10 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
        route add default gw $router $metric_arg dev $interface
      done
 +   fi
-   fi
-   if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ];
-    then
-@@ -168,7 +194,25 @@ if [ x$reason = xBOUND ] || [ x$reason =
+   else
+     # we haven't changed the address, have we changed other options           
+     # that we wish to update?
+@@ -193,7 +217,25 @@
      ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
      route add -host $alias_ip_address $interface:0
    fi
@@ -161,7 +165,7 @@ diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
    exit_with_hooks 0
  fi
  
-@@ -202,13 +246,17 @@ if [ x$reason = xTIMEOUT ]; then
+@@ -227,13 +269,17 @@
        ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
        route add -host $alias_ip_address dev $interface:0
      fi

dhcp-4.2.4-P1.tar.gz.sha512.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQEcBAABCgAGBQJQDUjkAAoJEKv5WqfJazUKE38H/0OOq8Ww/exUWUYg28Jeyxqj
+NX/jqyma6amjVDhmnDu/l4HekYl2DExb71slg4iYMCatKbPVV8Aak1o8BdRzQ/pi
+u0lNvPNxYH6+z3AxffY7zONgY/YYXlYxt2QdAvn86NHepIzdJxHlZP/Axpu6kQwk
+9N6519CjXgtfai9J1K4rKTjOqM3vFVYrqe1e5uRIlEuPmyWcfQl2mzgG0B5p6pts
+dPXJ0RvV8UAsCSc4noNUnpd8XWtqCK7I4795LEJ/iA9CWUj0HDn8D35nMZ4q1vVe
+fr2FEtyTfqIj0VvIX6W7mlDZm8tOgfrXqgiZYhmKbNeJcPqQfjJ08WWau/eWDGw=
+=ONl/
+-----END PGP SIGNATURE-----

dhcp.spec

@@ -4,9 +4,9 @@
 Summary:	The ISC DHCP (Dynamic Host Configuration Protocol) server/relay agent/client
 Name:		dhcp
 Epoch:		3
-Version:	4.2.1
+Version:	4.2.4
 %define subrel 1
-Release:	%mkrel 0.%{pver}.2
+Release:	%mkrel 0.%{pver}.1
 License:	Distributable
 Group:		System/Servers
 URL:		https://www.isc.org/software/dhcp
@@ -23,16 +23,12 @@ Source8:	dhcpd-chroot.sh
 Source9:	dhclient-exit-hooks
 Source12:	draft-ietf-dhc-ldap-schema-01.txt
 # customize ifup script
-Patch0:		dhcp-4.1.1-ifup.patch
-Patch5:		dhcp-4.1.1-format_not_a_string_literal_and_no_format_arguments.patch
+Patch0:		dhcp-4.2.2-ifup.patch
+Patch5:		dhcp-4.2.2-fix-format-errors.patch
 # (fc) 4.1.0-3mdv no IPv6 is no longer fatal for dhclient
 Patch6:		dhcp-4.1.1-missing-ipv6-not-fatal.patch
 # prevents needless deassociation, working around mdv bug #43441
 Patch7:		dhcp-4.1.1-prevent_wireless_deassociation.patch
-# redhat bug #587070
-Patch9:		dhcp-4.1.1-useless-wait.patch
-Patch10:	dhcp-4.2.1-P1-CVE-2011-2748,2749.diff
-Patch11:	dhcp-4.2.1-P1-CVE-2011-4539.diff
 BuildRequires:	perl groff-for-man
 BuildRequires:	openldap-devel
 Provides:	dhcpd
@@ -146,9 +142,6 @@ Internet Software Consortium (ISC) dhcpctl API.
 %patch5 -p1 -b .format_not_a_string_literal_and_no_format_arguments
 %patch6 -p1 -b .noipv6nonfatal
 %patch7 -p1 -b .prevent_wireless_deassociation
-%patch9 -p0 -b .useless_wait
-%patch10 -p1 -b .CVE-2011-2748,2749
-%patch11 -p1 -b .CVE-2011-4539
 
 install -m0644 %{SOURCE12} doc
 
@@ -341,3 +334,312 @@ rm -rf %{buildroot}
 %{_mandir}/man3/*
 
 
+%changelog
+* Thu Jul 26 2012 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.4-0.P1.1.1
+- 4.2.4-P1 (fixes CVE-2012-3570, CVE-2012-3571, CVE-2012-3954)
+
+* Thu Dec 08 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.1-0.P1.2.1
+- P11: security fix for CVE-2011-4539
+
+* Thu Aug 18 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.1-0.P1.2mdv2011.0
++ Revision: 695144
+- actually use the correct friggin patch...
+- P10: security fix for CVE-2011-2748,2749
+
+* Fri Apr 08 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.1-0.P1.1
++ Revision: 651971
+- 4.2.1-P1
+- drop one upstream added patch
+
+* Wed Jan 19 2011 Eugeni Dodonov <eugeni@mandriva.com> 3:4.2.0-0.P2.2
++ Revision: 631680
+- Added sample dhclient-exit-hooks, initially handling
+  rfc3442_classless_static_routes (suggested in #62242).
+
+* Thu Jan 06 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.0-0.P2.1mdv2011.0
++ Revision: 629100
+- 4.2.0-P2
+- bump release
+- 4.2.0-P1
+
+* Mon Aug 30 2010 Olivier Blin <blino@mandriva.org> 2:4.2.0-1mdv2011.0
++ Revision: 574440
+- do not define again _GNU_SOURCE, now defined in default configure script
+- 4.2.0
+- LDAP patch merged upstream
+
+* Mon Jul 12 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.1-7mdv2011.0
++ Revision: 551267
+- Get rid of some useless wait (rh bug #587070)
+
+* Fri Jun 11 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.1-6mdv2010.1
++ Revision: 547867
+- 4.1.1-P1
+
+* Tue Apr 06 2010 Funda Wang <fwang@mandriva.org> 2:4.1.1-5mdv2010.1
++ Revision: 531983
+- rebuild for new openssl
+
+* Fri Mar 12 2010 Götz Waschk <waschk@mandriva.org> 2:4.1.1-4mdv2010.1
++ Revision: 518419
+- remove debug files from devel package
+
+* Tue Mar 09 2010 Guillaume Rousse <guillomovitch@mandriva.org> 2:4.1.1-3mdv2010.1
++ Revision: 517076
+- set explicit runlevels in init script
+
+* Fri Feb 26 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.1-2mdv2010.1
++ Revision: 511559
+- rebuilt against openssl-0.9.8m
+
+* Thu Feb 25 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.1-1mdv2010.1
++ Revision: 511131
+- Updated to 4.1.1.
+  Rediff P0, P5, P6, P7.
+  Drop P9 (merged upstream).
+  Drop P10 (no longer needed).
+
+* Wed Feb 17 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.0p1-4mdv2010.1
++ Revision: 507051
+- Updated ldap patch to use correct variables (#56028).
+
+* Tue Jan 26 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.0p1-3mdv2010.1
++ Revision: 496733
+- Allow setting MTU if specified by the server (#57260).
+
+* Wed Sep 23 2009 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.0p1-2mdv2010.0
++ Revision: 447689
+- P9: security fix for CVE-2009-1892
+
+* Wed Jul 15 2009 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.0p1-1mdv2010.0
++ Revision: 396413
+- 4.1.0p1
+
+* Fri Jun 19 2009 Wanderlei Cavassin <cavassin@mandriva.com.br> 2:4.1.0-6mdv2010.0
++ Revision: 387320
+- fixed lease file parsing for tokens never and epoch (closes mdv #50194)
+
+  + Götz Waschk <waschk@mandriva.org>
+    - fix URL
+
+* Wed Mar 04 2009 Gustavo De Nardin <gustavodn@mandriva.com> 2:4.1.0-5mdv2009.1
++ Revision: 348205
+- added Patch7, as suggested by Andrey Borzenkov, which prevents
+  dhclient-script from bringing interfaces down needlessly, which in turn
+  works around bug #43441 (deassociation going unnoticed by wpa_supplicant,
+  in the end causing the interface to not get an IP address)
+
+* Thu Feb 19 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-4mdv2009.1
++ Revision: 342950
+- Update patch6 with Fedora version which has been submitted upstream for inclusion
+
+* Fri Jan 09 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-3mdv2009.1
++ Revision: 327771
+- Patch6: no IPv6 is no longer a fatal error for dhclient
+
+* Thu Jan 08 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-2mdv2009.1
++ Revision: 327169
+- Update patch0 to correctly work with resolvconf
+
+* Thu Jan 08 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-1mdv2009.1
++ Revision: 327047
+- Release 4.1.0 (Mdv bug #46804)
+- Remove detection of 64bits host at buildtime, configure is smart enough now
+- Enable IPv6 support
+- Regenerate patches 0, 5
+- Remove patches 2 (merged upstream), 4 (useless)
+- Patch1 (LDAP support) is now taked from Fedora, as well as source 9, 10, 11, 12
+
+* Sat Dec 20 2008 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.7-2mdv2009.1
++ Revision: 316549
+- rediffed one fuzzy patch
+- fix build with -Werror=format-security (P5)
+
+* Sun Jul 13 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 2:3.0.7-1mdv2009.0
++ Revision: 234269
+- update to new version 3.0.7
+- Patch1: new version
+- use %%_var instead of %%_localstatedir
+- spec file clean
+
+* Mon Jun 16 2008 Thierry Vignaud <tv@mandriva.org> 2:3.0.6-6mdv2009.0
++ Revision: 220615
+- rebuild
+
+  + Pixel <pixel@mandriva.com>
+    - adapt to %%_localstatedir now being /var instead of /var/lib (#22312)
+
+* Wed Mar 26 2008 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.6-5mdv2008.1
++ Revision: 190309
+- don't start it per default
+
+* Wed Jan 23 2008 Thierry Vignaud <tv@mandriva.org> 2:3.0.6-4mdv2008.1
++ Revision: 157246
+- rebuild with fixed %%serverbuild macro
+
+* Mon Dec 24 2007 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.6-3mdv2008.1
++ Revision: 137459
+- rebuilt against openldap-2.4.7 libs
+
+  + Olivier Blin <blino@mandriva.org>
+    - restore BuildRoot
+    - fix typo in doc description
+
+  + Thierry Vignaud <tv@mandriva.org>
+    - kill re-definition of %%buildroot on Pixel's request
+
+* Wed Dec 12 2007 Olivier Blin <blino@mandriva.org> 2:3.0.6-2mdv2008.1
++ Revision: 119077
+- move rpm-helper requirements in post/preun instead of pre/postun when needed
+
+* Tue Jul 10 2007 Tomasz Pawel Gajc <tpg@mandriva.org> 2:3.0.6-1mdv2008.0
++ Revision: 50797
+- new version
+
+* Wed Jul 04 2007 Andreas Hasenack <andreas@mandriva.com> 2:3.0.5-8mdv2008.0
++ Revision: 48227
+- use serverbuild macro (-fstack-protector-all)
+
+
+* Wed Mar 28 2007 Olivier Blin <oblin@mandriva.com> 3.0.5-7mdv2007.1
++ Revision: 149230
+- dhcpcd should start ldap (Daggett)
+
+* Fri Mar 16 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-6mdv2007.1
++ Revision: 144641
+- drop useless perl(Win32API::Registry) requires exception
+- move RFC/API/protocol doc in a dhcp-doc sub-package
+
+* Sat Mar 10 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-5mdv2007.1
++ Revision: 140432
+- PEERGATEWAY support (#20806)
+
+* Sat Mar 10 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-4mdv2007.1
++ Revision: 140295
+- default to NEEDHOSTNAME=no, as described in initscripts documentation
+
+* Thu Jan 11 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-3mdv2007.1
++ Revision: 107599
+- make dhclient-script set DEVICE variable when no ifcfg file is present (to call resolvconf correctly)
+
+* Tue Jan 02 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-2mdv2007.1
++ Revision: 103318
+- bump release
+- do not call unknown /sbin/update-resolvrdv in dhclient-script
+- set metric before creating resolv.conf (useful for resolvconf)
+
+* Thu Nov 16 2006 Guillaume Rousse <guillomovitch@mandriva.org> 2:3.0.5-1mdv2007.1
++ Revision: 84730
+- new version
+  install configuration file under real name, not as sample
+
+* Fri Sep 01 2006 Olivier Blin <oblin@mandriva.com> 2:3.0.4-2mdv2007.0
++ Revision: 59227
+- add METRIC support in dhclient-script (from Fabrice Facorat, #23164)
+- bunzip sources and patches
+- Import dhcp
+
+* Mon May 22 2006 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-1mdk
+- 3.0.4
+- added new rediffed ldap patch (P1)
+
+* Mon Feb 06 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.8mdk
+- use $'\n' in dhclient-script (required for initscripts >= 7.66,
+  since change_resolv_conf doesn't use "echo -e" anymore)
+
+* Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.7mdk
+- fix requires post and preun
+- fix typo in initscript
+
+* Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.6mdk
+- convert parallel init to LSB
+
+* Mon Jan 02 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.5mdk
+- parallel init support
+
+* Tue Dec 06 2005 Frederic Lepied <flepied@mandriva.com> 3.0.4-0.b2.4mdk
+- use change_resolv_conf in dhclient-scripts to be able to do the right
+thing wrt nscd.
+
+* Tue Nov 29 2005 Thierry Vignaud <tvignaud@mandriva.com> 3.0.4-0.b2.3mdk
+- fix build on x86_64
+
+* Thu Nov 24 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-0.b2.2mdk
+- exclude debug files in the -devel package, temporary solution
+
+* Mon Nov 14 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-0.b2.1mdk
+- 3.0.4b2
+- pass "-DLDAP_DEPRECATED" to the CFLAGS
+- updated rediffed P1 (dhcp-3.0.3-ldap-patch)
+- fix the chroot script so it won't touch the /etc/dhcpd.conf file
+
+* Wed Aug 31 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.3-3mdk
+- rebuilt against new openldap-2.3.6 libs
+
+* Sat Aug 06 2005 Michael Scherer <misc@mandriva.org> 3.0.3-2mdk
+- fill a default config file
+
+* Mon Aug 01 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.3-1mdk
+- 3.0.3
+- fix deps
+- drop the gcc343 patch (P3), it's fixed upstream
+- use the %%mkrel macro
+
+* Sat Apr 23 2005 Olivier Blin <oblin@mandriva.com> 3.0.2-2mdk
+- do not make dhclient-script fail and return DENY return code when no
+  config file for the interface is found (update and re-indent Patch0)
+
+* Thu Feb 24 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 3.0.2-1mdk
+- 3.0.2
+
+* Fri Feb 04 2005 Buchan Milne <bgmilne@linux-mandrake.com> 3.0.1-9mdk
+- rebuild for ldap2.2_7
+
+* Wed Feb 02 2005 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-8mdk
+- back to standard 60 seconds timeout.
+
+* Wed Feb 02 2005 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-7mdk
+- default timeout to 5 seconds
+
+* Fri Dec 24 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 3.0.1-6mdk
+- new ldap patch
+- renumber sources and patches
+- bzip sources
+- added P2 that allows us to run it chroot
+- added S8 that makes it easier to chroot the server
+- fixed S3 to make use of P2 & S8
+- fix pid file location for the dhcpd daemon
+- added P3 to make it build with latest cooker gcc (rock linux)
+- misc spec file fixes
+
+* Sat Jul 31 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-5mdk
+- by default hostname is set
+
+* Sat Jul 31 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-4mdk
+- assign default gateway by interface (updated patch1)
+
+* Fri Jul 30 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-3mdk
+- only change the hostname if NEEDHOSTNAME=yes (updated patch1)
+
+* Thu Jul 29 2004 Buchan Milne <bgmilne@linux-mandrake.com> 3.0.1-2mdk
+- update ldap patch
+
+* Thu Jul 29 2004 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 3.0.1-1mdk
+- 3.0.1
+
+* Thu Jul 01 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc14.2mdk
+- bring back the ldap patch and buildrequires
+
+* Tue Jun 29 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc14.1mdk
+- rebuild for cooker
+
+* Tue Jun 22 2004 Vincent Danen <vdanen@mandrakesoft.com> 3.0-1.rc14.0.1.100mdk
+- 3.0.1rc14
+- security fixes for CAN-2004-0460 (VU#317350) and CAN-2004-0461 (VU#654390)
+
+* Wed May 05 2004 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 3.0-1.rc13.6mdk
+- fix buildrequires
+
+* Sat Apr 24 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc13.5mdk
+- add the dhcp-ldap support
+