git.ipfire.org Git - thirdparty/systemd.git/commit

]> git.ipfire.org Git - thirdparty/systemd.git/commit

projects / thirdparty / systemd.git / commit

author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Wed, 23 Jun 2021 16:22:07 +0000 (01:22 +0900)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Tue, 20 Jul 2021 15:54:16 +0000 (17:54 +0200)
commit	f53d610144ca729a7e727fc6d3e86e3a4a2a53ed
tree	677e253cf1a596272544c46c7bea33583806f460	tree \| snapshot
parent	173d07a916f0a76a69b0ef4a26c0df5111cf9c70	commit \| diff

sd-dhcp-client: tentatively ignore FORCERENEW command

This makes DHCP client ignore FORCERENEW requests, as unauthenticated
FORCERENEW requests causes a security issue (TALOS-2020-1142, CVE-2020-13529).

Let's re-enable this after RFC3118 (Authentication for DHCP Messages)
and/or RFC6704 (Forcerenew Nonce Authentication) are implemented.

Fixes #16774.

(cherry picked from commit 38e980a6a5a3442c2f48b1f827284388096d8ca5)
(cherry picked from commit 3ec1234d1e3195849088b2a3c70fbdefebeadc35)

src/libsystemd-network/sd-dhcp-client.c

diff | blob | blame | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom