[AUTOPATCHER-CORE] Upgrade dhcp to 4.4.3 Fix for CVE-2022-2928 and CV…

…E-2022-2929 (#8880)
microsoft · Apr 25, 2024 · f09667a · f09667a
1 parent e5c48b8
commit f09667a
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 39 deletions.
diff --git a/SPECS/dhcp/CVE-2021-25217.patch b/SPECS/dhcp/CVE-2021-25217.patch
diff --git a/SPECS/dhcp/dhcp.signatures.json b/SPECS/dhcp/dhcp.signatures.json
@@ -1,5 +1,5 @@
 {
- "Signatures": {
-  "dhcp-4.4.2.tar.gz": "1a7ccd64a16e5e68f7b5e0f527fd07240a2892ea53fe245620f4f5f607004521"
- }
-}
+  "Signatures": {
+    "dhcp-4.4.3.tar.gz": "0e3ec6b4c2a05ec0148874bcd999a66d05518378d77421f607fb0bc9d0135818"
+  }
+}
diff --git a/SPECS/dhcp/dhcp.spec b/SPECS/dhcp/dhcp.spec
@@ -1,11 +1,10 @@
 Summary:        Dynamic host configuration protocol
 Name:           dhcp
-Version:        4.4.2
-Release:        6%{?dist}
+Version:        4.4.3
+Release:        1%{?dist}
 License:        MPLv2.0
 Url:            https://www.isc.org/dhcp/
 Source0:        ftp://ftp.isc.org/isc/dhcp/%{version}/%{name}-%{version}.tar.gz
-Patch1:         CVE-2021-25217.patch
 Group:          System Environment/Base
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -170,6 +169,9 @@ mkdir -p %{buildroot}%{_localstatedir}/lib/dhclient/
 %{_mandir}/man8/dhclient.8.gz
 
 %changelog
+* Tue Apr 23 2024 CBL-Mariner Servicing Account <[email protected]> - 4.4.3-1
+- Auto-upgrade to 4.4.3 - Fix for CVE-2022-2928 and CVE-2022-2929
+
 * Wed Sep 20 2023 Jon Slobodzian <[email protected]> - 4.4.2-6
 - Recompile with stack-protection fixed gcc version (CVE-2023-4039)
 

diff --git a/cgmanifest.json b/cgmanifest.json
@@ -2588,8 +2588,8 @@
         "type": "other",
         "other": {
           "name": "dhcp",
-          "version": "4.4.2",
-          "downloadUrl": "ftp://ftp.isc.org/isc/dhcp/4.4.2/dhcp-4.4.2.tar.gz"
+          "version": "4.4.3",
+          "downloadUrl": "ftp://ftp.isc.org/isc/dhcp/4.4.3/dhcp-4.4.3.tar.gz"
         }
       }
     },