A very important update:

  • udev: uses the logerr framework so that udev debug goes into the debug file
  • BSD: fix a segfault when IPv6 addresses are present and carrier changes (not NetBSD)
  • dhcp6: fix a null termination overflow on status messages (dhcpcd-7 branch only)
  • options: static routes can be setup in global context again
  • routes: dhcpcd added host routes are now reported correctly

dhcpcd-7.0.0, 7.0.1 and 7.0.2 are vulnerable to the DHCP6 issue where the message is copied from the DHCP6 option into a buffer, but is NULL terminated beyond the size of the buffer. dhcpcd-6 is not vulnerable.

ftp://roy.marples.name/pub/dhcpcd/dhcpcd-7.0.3.tar.xz
ftp://roy.marples.name/pub/dhcpcd/dhcpcd-7.0.3.tar.xz.distinfo.asc
https://roy.marples.name/downloads/dhcpcd/dhcpcd-7.0.3.tar.xz
https://roy.marples.name/downloads/dhcpcd/dhcpcd-7.0.3.tar.xz.distinfo.asc