On Mon, 13 Jul 2026 13:50:44 +0300 =?utf-8?q?Martin-=C3=89ric_Racine?=
<[email protected]> wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: [email protected]
> Usertags: pu
> X-Debbugs-Cc: [email protected], [email protected]
> Control: affects -1 + src:dhcpcd5
>
> [ Reason ]
> Backporting a fix for a minor CVE reported by the maintainer dashboard.
>
> CVE-2025-70102 was fixed in the following Debian versions:
>
> dhcpcd5 9.4.1-24~deb12u5
> dhcpcd 1:10.1.0-11+deb13u3
>
> The issue has been fixed upstream since 10.3.1 (Sid has 10.3.2).
>
> [ Impact ]
> Minor issue; NULL deref only via malformed local dhcpcd.conf; not
> network-reachable.
>
> [ Tests ]
> None. I don't have any Bullseye host to test with. However, the same one-line
> fix is
> verifided to work on Bookworm (9.4.1-24~deb12u5) and Trixie
> (1:10.1.0-11+deb13u3).
>
> [ Risks ]
> Minor. Single character fix for a NULL defref.
>
> [ Checklist ]
> [x] *all* changes are documented in the d/changelog
> [x] I reviewed all changes and I approve them
> [x] attach debdiff against the package in (old)stable
> [x] the issue is verified as fixed in unstable
>
> [ Changes ]
> dhcpcd5 (7.1.0-2+deb11u1) bullseye; urgency=medium
> * [patches]
> + Cherry-pick upstream fix for CVE-2025-70102 (commit 117742d).
> = Refresh all patches.
> * [control]
> = Putting myself as Maintainer since I maintain current releases.
> * [salsa-ci.yml]
> + Implement basic CI support using the stock Debian pipeline include.
Having noticed some Lintian and CI issues afterwards, the Changes
would be as follow:
dhcpcd5 (7.1.0-2+deb11u2) bullseye; urgency=medium
.
* [control]
= Update Depends to sysvinit-utils (>= 3.05-4~) | lsb-base (>= 3.0-6).
* [copyright]
+ Add myself to debian/* block.
* [upstream]
+ Add upstream PGP key to quiet uscan.
* [watch]
= Update to current Github URL.
.
dhcpcd5 (7.1.0-2+deb11u1) bullseye; urgency=medium
.
* [patches]
+ Cherry-pick upstream fix for CVE-2025-70102 (commit 117742d).
= Refresh all patches.
* [control]
= Putting myself as Maintainer since I maintain current releases.
* [salsa-ci.yml]
+ Implement basic CI support using the stock Debian pipeline include.
debdiff attached.
Martin-Éric
diff -Nru dhcpcd5-7.1.0/debian/changelog dhcpcd5-7.1.0/debian/changelog
--- dhcpcd5-7.1.0/debian/changelog 2019-05-05 16:55:14.000000000 +0300
+++ dhcpcd5-7.1.0/debian/changelog 2026-07-13 14:36:06.000000000 +0300
@@ -1,3 +1,28 @@
+dhcpcd5 (7.1.0-2+deb11u2) bullseye; urgency=medium
+
+ * [control]
+ = Update Depends to sysvinit-utils (>= 3.05-4~) | lsb-base (>= 3.0-6).
+ * [copyright]
+ + Add myself to debian/* block.
+ * [upstream]
+ + Add upstream PGP key to quiet uscan.
+ * [watch]
+ = Update to current Github URL.
+
+ -- Martin-Éric Racine <[email protected]> Mon, 13 Jul 2026 14:36:06
+0300
+
+dhcpcd5 (7.1.0-2+deb11u1) bullseye; urgency=medium
+
+ * [patches]
+ + Cherry-pick upstream fix for CVE-2025-70102 (commit 117742d).
+ = Refresh all patches.
+ * [control]
+ = Putting myself as Maintainer since I maintain current releases.
+ * [salsa-ci.yml]
+ + Implement basic CI support using the stock Debian pipeline include.
+
+ -- Martin-Éric Racine <[email protected]> Mon, 13 Jul 2026 12:45:39
+0300
+
dhcpcd5 (7.1.0-2) unstable; urgency=high
* Apply upstream patches to fix potential security vulnerabilities:
diff -Nru dhcpcd5-7.1.0/debian/control dhcpcd5-7.1.0/debian/control
--- dhcpcd5-7.1.0/debian/control 2019-05-03 16:14:43.000000000 +0300
+++ dhcpcd5-7.1.0/debian/control 2026-07-13 14:33:50.000000000 +0300
@@ -1,7 +1,7 @@
Source: dhcpcd5
Section: net
Priority: optional
-Maintainer: Scott Leggett <[email protected]>
+Maintainer: Martin-Éric Racine <[email protected]>
Build-Depends:
debhelper (>= 11)
Standards-Version: 4.3.0
@@ -14,7 +14,7 @@
dhcp-client
Architecture: any
Depends:
- lsb-base (>= 3.0-6),
+ sysvinit-utils (>= 3.05-4~) | lsb-base (>= 3.0-6),
${misc:Depends},
${shlibs:Depends}
Replaces:
diff -Nru dhcpcd5-7.1.0/debian/copyright dhcpcd5-7.1.0/debian/copyright
--- dhcpcd5-7.1.0/debian/copyright 2019-05-03 16:14:43.000000000 +0300
+++ dhcpcd5-7.1.0/debian/copyright 2026-07-13 14:27:07.000000000 +0300
@@ -61,6 +61,7 @@
2013 Christoph Egger <[email protected]>
2014 Salvatore Bonaccorso <[email protected]>
2015 Daniel Echeverry <[email protected]>
+ 2026 Martin-Éric Racine <[email protected]>
License: BSD-2
Files: debian/hooks/*
diff -Nru dhcpcd5-7.1.0/debian/patches/0001-Fix-typo-in-manpage.patch
dhcpcd5-7.1.0/debian/patches/0001-Fix-typo-in-manpage.patch
--- dhcpcd5-7.1.0/debian/patches/0001-Fix-typo-in-manpage.patch 2019-05-05
16:55:14.000000000 +0300
+++ dhcpcd5-7.1.0/debian/patches/0001-Fix-typo-in-manpage.patch 2026-07-13
13:23:45.000000000 +0300
@@ -6,11 +6,9 @@
src/dhcpcd.conf.5.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/src/dhcpcd.conf.5.in b/src/dhcpcd.conf.5.in
-index f792b15..b950fa0 100644
--- a/src/dhcpcd.conf.5.in
+++ b/src/dhcpcd.conf.5.in
-@@ -83,7 +83,7 @@ is
+@@ -83,7 +83,7 @@
.Ar token
then
.Ar algorithm is
diff -Nru
dhcpcd5-7.1.0/debian/patches/0002-DHCPv6-Fix-a-potential-buffer-overflow-reading-NA-TA.patch
dhcpcd5-7.1.0/debian/patches/0002-DHCPv6-Fix-a-potential-buffer-overflow-reading-NA-TA.patch
---
dhcpcd5-7.1.0/debian/patches/0002-DHCPv6-Fix-a-potential-buffer-overflow-reading-NA-TA.patch
2019-05-05 16:55:14.000000000 +0300
+++
dhcpcd5-7.1.0/debian/patches/0002-DHCPv6-Fix-a-potential-buffer-overflow-reading-NA-TA.patch
2026-07-13 13:23:45.000000000 +0300
@@ -12,11 +12,9 @@
src/dhcp6.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/src/dhcp6.c b/src/dhcp6.c
-index 6fef989..26db219 100644
--- a/src/dhcp6.c
+++ b/src/dhcp6.c
-@@ -2016,12 +2016,12 @@ dhcp6_findna(struct interface *ifp, uint16_t ot, const
uint8_t *iaid,
+@@ -2016,12 +2016,12 @@
nd = o + ol;
l -= (size_t)(nd - d);
d = nd;
diff -Nru
dhcpcd5-7.1.0/debian/patches/0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
dhcpcd5-7.1.0/debian/patches/0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
---
dhcpcd5-7.1.0/debian/patches/0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
2019-05-05 16:55:14.000000000 +0300
+++
dhcpcd5-7.1.0/debian/patches/0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
2026-07-13 13:23:45.000000000 +0300
@@ -12,11 +12,9 @@
src/dhcp.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
-diff --git a/src/dhcp.c b/src/dhcp.c
-index 1816034..502c592 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
-@@ -212,6 +212,12 @@ get_option(struct dhcpcd_ctx *ctx,
+@@ -212,6 +212,12 @@
}
l = *p++;
@@ -29,7 +27,7 @@
if (o == DHO_OPTSOVERLOADED) {
/* Ensure we only get this option once by setting
* the last bit as well as the value.
-@@ -246,10 +252,6 @@ get_option(struct dhcpcd_ctx *ctx,
+@@ -246,10 +252,6 @@
bp += ol;
}
ol = l;
diff -Nru
dhcpcd5-7.1.0/debian/patches/0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
dhcpcd5-7.1.0/debian/patches/0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
---
dhcpcd5-7.1.0/debian/patches/0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
2019-05-05 16:55:14.000000000 +0300
+++
dhcpcd5-7.1.0/debian/patches/0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
2026-07-13 13:23:45.000000000 +0300
@@ -24,9 +24,6 @@
3 files changed, 51 insertions(+), 1 deletion(-)
create mode 100644 compat/consttime_memequal.h
-diff --git a/compat/consttime_memequal.h b/compat/consttime_memequal.h
-new file mode 100644
-index 0000000..9830648
--- /dev/null
+++ b/compat/consttime_memequal.h
@@ -0,0 +1,28 @@
@@ -58,11 +55,9 @@
+ return (1 & ((res - 1) >> 8));
+}
+#endif /* CONSTTIME_MEMEQUAL_H */
-diff --git a/configure b/configure
-index d0a80ba..0dce3bd 100755
--- a/configure
+++ b/configure
-@@ -13,6 +13,7 @@ IPV4LL=
+@@ -13,6 +13,7 @@
INET6=
ARC4RANDOM=
CLOSEFROM=
@@ -70,7 +65,7 @@
STRLCPY=
UDEV=
OS=
-@@ -846,6 +847,27 @@ if [ "$STRTOI" = no ]; then
+@@ -846,6 +847,27 @@
echo "#include \"compat/strtoi.h\"" >>$CONFIG_H
fi
@@ -98,11 +93,9 @@
if [ -z "$DPRINTF" ]; then
printf "Testing for dprintf ... "
cat <<EOF >_dprintf.c
-diff --git a/src/auth.c b/src/auth.c
-index 9e24998..ce97051 100644
--- a/src/auth.c
+++ b/src/auth.c
-@@ -354,7 +354,7 @@ gottoken:
+@@ -354,7 +354,7 @@
}
free(mm);
diff -Nru
dhcpcd5-7.1.0/debian/patches/0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
dhcpcd5-7.1.0/debian/patches/0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
---
dhcpcd5-7.1.0/debian/patches/0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
2019-05-05 16:55:14.000000000 +0300
+++
dhcpcd5-7.1.0/debian/patches/0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
2026-07-13 13:23:45.000000000 +0300
@@ -21,11 +21,9 @@
src/dhcp6.c | 42 ++++++++++++++++++++----------------------
1 file changed, 20 insertions(+), 22 deletions(-)
-diff --git a/src/dhcp6.c b/src/dhcp6.c
-index 26db219..92e6c90 100644
--- a/src/dhcp6.c
+++ b/src/dhcp6.c
-@@ -2153,40 +2153,38 @@ dhcp6_findpd(struct interface *ifp, const uint8_t
*iaid,
+@@ -2153,40 +2153,38 @@
state->expire = a->prefix_vltime;
i++;
diff -Nru
dhcpcd5-7.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch
dhcpcd5-7.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch
--- dhcpcd5-7.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch
1970-01-01 02:00:00.000000000 +0200
+++ dhcpcd5-7.1.0/debian/patches/117742d755b591764036dd4218f314f748a3d2b7.patch
2026-07-13 13:23:45.000000000 +0300
@@ -0,0 +1,24 @@
+From 117742d755b591764036dd4218f314f748a3d2b7 Mon Sep 17 00:00:00 2001
+From: Roy Marples <[email protected]>
+Date: Sun, 21 Dec 2025 08:31:52 +0000
+Subject: [PATCH] options: Ensure ldop is not NULL dereferenced (#568)
+
+ldop itself cannot be non NULL as it points to the location.
+but *ldop CAN be NULL.
+
+Fixes #567.
+---
+ src/if-options.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/if-options.c
++++ b/src/if-options.c
+@@ -1586,7 +1586,7 @@
+ if (*edop) {
+ dop = &(*edop)->embopts;
+ dop_len = &(*edop)->embopts_len;
+- } else if (ldop) {
++ } else if (*ldop) {
+ dop = &(*ldop)->embopts;
+ dop_len = &(*ldop)->embopts_len;
+ } else {
diff -Nru dhcpcd5-7.1.0/debian/patches/series
dhcpcd5-7.1.0/debian/patches/series
--- dhcpcd5-7.1.0/debian/patches/series 2019-05-05 16:55:14.000000000 +0300
+++ dhcpcd5-7.1.0/debian/patches/series 2026-07-13 13:23:45.000000000 +0300
@@ -3,3 +3,5 @@
0003-DHCP-Fix-a-potential-1-byte-read-overflow-with-DHO_O.patch
0004-auth-Use-consttime_memequal-3-to-compare-hashes.patch
0005-DHCPv6-Fix-a-potential-read-overflow-with-D6_OPTION_.patch
+#7.1.0-2+deb11u1
+117742d755b591764036dd4218f314f748a3d2b7.patch
diff -Nru dhcpcd5-7.1.0/debian/salsa-ci.yml dhcpcd5-7.1.0/debian/salsa-ci.yml
--- dhcpcd5-7.1.0/debian/salsa-ci.yml 1970-01-01 02:00:00.000000000 +0200
+++ dhcpcd5-7.1.0/debian/salsa-ci.yml 2026-07-13 13:23:45.000000000 +0300
@@ -0,0 +1,3 @@
+---
+include:
+ -
https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
diff -Nru dhcpcd5-7.1.0/debian/upstream/signing-key.asc
dhcpcd5-7.1.0/debian/upstream/signing-key.asc
--- dhcpcd5-7.1.0/debian/upstream/signing-key.asc 1970-01-01
02:00:00.000000000 +0200
+++ dhcpcd5-7.1.0/debian/upstream/signing-key.asc 2026-04-30
17:06:20.000000000 +0300
@@ -0,0 +1,37 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xsBNBEkrCoIBCACyCfZ4qEaFPi33OT1EYDziIOb5KnvW3E9zP7O8oHGmhzi+v11X
+AsShyiQCFaKD3QgQ/Ra5TV6mjfjV2fPjSXp6wVy9ojvmIFpvIgu1AQJIqkYl0jpV
+JFNT1n9RcI3RkZdYYbxkncmp3M8NMhWo0Txpuw6dx2c7gLeQp0PQiwJUPiLS1rUw
+KQLFGnPfvMu4koCoxeyYydijR8XuMmEk3KkYxqDKw81IljwhvOiJa9AVik01GMnE
+C+9xQcrdaa5+0yqPt3n/9WrGk+yC2oLiSjGgJHNB7niU716gf5HVUYrqEdiuVw4+
+scSjEdCOmRoWcq6D84EIkoXXX0gurSLcHh7xABEBAAHNHlJveSBNYXJwbGVzIDxy
+b3lAbWFycGxlcy5uYW1lPsLAkQQTAQgAOxYhBKeF7SdVlV2ek+pZ9ll/l+qa1FVJ
+BQJkRp31AhsDBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEFl/l+qa1FVJ
+0u8H/2DUrOEsJYpCSRJTvVX+swpFlsnfq55z0/27QwbPmtHak61WTzfr8psBki4g
+xKjpyVTpmvXhJVMzCVoMmUCRbYui2BCJ562yM7puxT3e6H8cCdjoezymkhPp9g2A
+Xm2QuHvhVvSi1spilgDm5S3o7E6qeoz2NDkItnXuwYvc3uKAUIg9hfSRjXDopV+H
+bo0G4pDI010hr3eRRmcZgPcvL4mzxeLasV9ZVFLCQ78C9h2+SzmkcOXE/SAFNT3J
+sg7Z5ferEninNiFIDVSDFg9eunA/uhY45waggtjUSjsgCS4PcJnXsDz/dUCyUvNH
+PHi48tImjP9oFXCQcMWYUZyIk9PNJVJveSBNYXJwbGVzIChOZXRCU0QpIDxyb3lA
+TmV0QlNELm9yZz7CwHgEEwECACIFAkuAGkkCGwMGCwkIBwMCBhUIAgkKCwQWAgMB
+Ah4BAheAAAoJEFl/l+qa1FVJHnMH/2zHxpWdNcfMCkOvUo9ZVGjS2K57fKCIb2EH
+whyQPqFcY4OtFYNCJC75s4imY5ym24PCeFxxXG8GLMqgVtK5Bbrnx0UMI68x6UzP
++2ap+SBDFE7FaudCAbdX48ABkrHdLA7VzB+Bk/AbpqEIKz86o8NFVFdAxMLdwrLd
+TjGG3figbGEOqBIlFog5c+9ijn8uvhRYW3dIb6b4hQ6laOfmZwKAThVhx3Dk9RBH
+9DkHe7jD8+PJ05zdCgAa0cx7w7C/eMcpNNakPLASpgzCEmVCobgpuoEcZXmEv8hJ
+ZYQ3bzzKEIHhzQNd5Ack7r7r5MrFspD6y5Q419DybL3NiU9gcdjOwE0ESSsK+gEI
+AMOYyNnU8QvuP68M3ODgzy3NgqwUViZCTXKiaJhpCgQWTvVYHFMN/DSCBKIWjpJn
+B11rVlzeRRO6sjOBl9wiIOCcvv20Soc2sRdysTH7K4stgLFIFXIqT9QxGeaJwe+l
+oSwjtbrCZW7G90H4DMfhM/VbEZjv817434XNIAd3fn2sykOnwm9B8vMdy8jk1/vj
++/lmU/YYFkHLKausbkr+FHRaBLJyBBin/Po5D953BaSe/ATN2IGHSfPo0P4hqJ/G
+8Tg8QTeBysDk1UpxePY4Sas/rlkmyi/4ssn65BwsUe9W4BxOjX4XO5Pkg368CVo8
+/rk13uGqzqFFFkShj1BaRtEAEQEAAcLAdgQYAQgAIAIbDBYhBKeF7SdVlV2ek+pZ
+9ll/l+qa1FVJBQJkRpwjAAoJEFl/l+qa1FVJ5o4H/0M8J+BaAIRcmq6IPnRknvU9
+FiIXCXliuPOZm0a6Vc+U+a5rr8ErSJXzAK/IqtOzHn7KUrlHT/V6w5VRSmIFjR5e
+JVXhdcYB9PywxBjr6ffD7v2X4EGhQCTNzrbwmsXP9PF5ES4s++hZa3XO0fbfxnwO
+cu+4jJAENupk9lxduXlU2FIoKKctGpzW8RRmM8b5Afi0XLKfR8w+eL7HXtsIfYqo
+QMSOuCupmNd+iWS+RZXm0yl30qnLzKs+ZMUvWgkkTZEUFR29yYnPLBQMcq0c7QVo
+iCC8dtq0EwWROJeo+dVtczXZORQ3VPM880fBqy2Ppu61lL8OMUlLxmrxqPFakcY=
+=S+ww
+-----END PGP PUBLIC KEY BLOCK-----
diff -Nru dhcpcd5-7.1.0/debian/watch dhcpcd5-7.1.0/debian/watch
--- dhcpcd5-7.1.0/debian/watch 2019-05-03 16:14:43.000000000 +0300
+++ dhcpcd5-7.1.0/debian/watch 2026-04-30 17:06:20.000000000 +0300
@@ -1,3 +1,4 @@
-version=3
-https://roy.marples.name/downloads/dhcpcd/dhcpcd-([0-9\.]*)\.(?:zip|tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz)))
debian uupdate
-
+version=4
+opts="mode=git,pgpmode=gittag" \
+https://github.com/NetworkConfiguration/dhcpcd.git refs/tags/v([\d\.]+) \
+debian uupdate --no-symlink