[Availability]
The package dhcpcd5 is already in Ubuntu universe.
The package dhcpcd5 builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x
Link to package https://launchpad.net/ubuntu/+source/dhcpcd5
[Rationale]
The package dhcpcd5 is required in Ubuntu main to replace isc-dhcp-client.
ISC has announced the end of life for ISC DHCP as of the end of 2022.
In FO092 specification, we compare the alternatives among dhcpcd, udhcpc,
ipconfig, dhclient, systemd-networkd, network-manager, dhcpcanon.
dhcpcd is small (to be included in initramfs), supports DHCPv6, can be called
from shell (to be used in initramfs and cloud-init). It’s the best candidate currently.
The package dhcpcd5 is required in Ubuntu main no later than 23.10 release.
So in 24.04 we can have sufficient time to replace the usage of isc-dhcp-client,
and finally demote isc-dhcp-client to universe.
dhcpcd itself conflicts/replaces isc-dhcp-client, which is needed by ubuntu-minimal.
So Ubuntu autopkgtest can't run the tests.
We want to drop isc-dhcp-client in the future, so it should be ok currently.
Notably, the tests pass on Debian, https://ci.debian.net/packages/d/dhcpcd5/
[Quality assurance - packaging]
- debian/watch is present but not works because upstream no longer provides
tarball on their website.
It has been fixed in https://salsa.debian.org/debian/dhcpcd5/-/commit/4fe065dbf546e4e79b0327cb91dc883a34380a88
not uploaded yet.
- debian/control defines a correct Maintainer field (no Ubuntu delta)
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package https://launchpad.net/ubuntu/+source/dhcpcd5/9.4.1-21/+build/26015669/+files/buildlog_ubuntu-mantic-amd64.dhcpcd5_9.4.1-21_BUILDING.txt.gz
- Please attach the full output you have got from
W: dhcpcd: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd/changelog.Debian.gz:1]
W: dhcpcd-base: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd-base/changelog.Debian.gz:1]
W: dhcpcd5: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd5/changelog.Debian.gz:1]
W: dhcpcd5 changes: distribution-and-changes-mismatch mantic unstable
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man5/dhcpcd.conf.5.gz:1]
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man8/dhcpcd-run-hooks.8.gz:1]
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man8/dhcpcd.8.gz:1]
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf
questions higher than medium (no debconf questions)
- Packaging and build is easy, link to debian/rules https://salsa.debian.org/debian/dhcpcd5/-/blob/debian/sid/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Foundations team
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last
test rebuild
[Availability] /launchpad. net/ubuntu/ +source/ dhcpcd5
The package dhcpcd5 is already in Ubuntu universe.
The package dhcpcd5 builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x
Link to package https:/
[Rationale]
The package dhcpcd5 is required in Ubuntu main to replace isc-dhcp-client.
ISC has announced the end of life for ISC DHCP as of the end of 2022.
In FO092 specification, we compare the alternatives among dhcpcd, udhcpc,
ipconfig, dhclient, systemd-networkd, network-manager, dhcpcanon.
dhcpcd is small (to be included in initramfs), supports DHCPv6, can be called
from shell (to be used in initramfs and cloud-init). It’s the best candidate currently.
The package dhcpcd5 is required in Ubuntu main no later than 23.10 release.
So in 24.04 we can have sufficient time to replace the usage of isc-dhcp-client,
and finally demote isc-dhcp-client to universe.
[Security] /ubuntu. com/security/ CVE-2005- 1848 allows remote attackers to cause a denial of service (daemon crash) /ubuntu. com/security/ CVE-2011- 0996 allows remote attackers to execute arbitrary commands /ubuntu. com/security/ CVE-2012- 2152 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code /ubuntu. com/security/ CVE-2012- 6698 allows remote DHCP servers to cause a denial of service (out-of-bounds write) /ubuntu. com/security/ CVE-2012- 6699 allows remote DHCP servers to cause a denial of service (out-of-bounds read) /ubuntu. com/security/ CVE-2012- 6700 allows remote DHCP servers to cause a denial of service /ubuntu. com/security/ CVE-2014- 6060 allows remote DHCP servers to cause a denial of service /ubuntu. com/security/ CVE-2014- 7912 allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) /ubuntu. com/security/ CVE-2014- 7913 allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) /ubuntu. com/security/ CVE-2016- 1503 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) /ubuntu. com/security/ CVE-2016- 1504 allows remote attackers to cause a denial of service (invalid read and crash) /ubuntu. com/security/ CVE-2019- 11577 contains a buffer overflow /ubuntu. com/security/ CVE-2019- 11578 allowed attackers to infer secrets /ubuntu. com/security/ CVE-2019- 11579 contains a 1-byte read overflow /ubuntu. com/security/ CVE-2019- 11766 buffer over-read /launchpad. net/ubuntu/ +source/ dhcpcd5/ 6.0.5-2build0. 14.04.1 Namespaces, Realtime, SUIDSGID}, SystemCallFilter, vices, LockPersonality, MemoryDenyWrite Execute, dhcpcd/ dhcpcd- hooks/
- Had 15 security issues in the past
- links to such security issues in trackers
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
https:/
- context that shows how these issues got handled in
the past
https:/
A fakesync from Debian to trusty-security for CVE-2014-6060
- no `suid` or `sgid` binaries
- Binary dhcpcd in /usr/sbin/dhcpcd is no problem because it’s expected to be executed by daemon scripts or services.
- Package dhcpcd-base does not install services, timers or recurring jobs
- Package dhcpcd does install services, timers or recurring jobs
- dhcpcd.service
Hardened systemd service, Protect{System, Home, Clock, KernelModules, KernelLogs, ControlGroups},
Restrict{
PrivateDe
- dhcpcd@.service
Not used by default, for single network interface.
- Package does open privileged ports (ports < 1024).
- DHCPv6 client port: 546/UDP
- BOOTP client port: 68/UDP
- Packages contains extensions to security-sensitive software
hook plugins in /usr/lib/
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance] Ubuntu/ Upstream and does /bugs.launchpad .net/ubuntu/ +source/ dhcpcd5/ +bug /bugs.debian. org/cgi- bin/pkgreport. cgi?src= dhcpcd5 /github. com/NetworkConf iguration/ dhcpcd/ issues /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 1034465 dhcpcd -U results in "Bad system call"
- The package is maintained well in Debian/
not have too many, long-term & critical, open bugs
- Ubuntu https:/
- Debian https:/
- Upstream's bug tracker
https:/
- The package has important open bugs, listing them:
- https:/
Fixed in the new release, but it’s not uploaded due to freeze in Debian.
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing] /launchpad. net/ubuntu/ +source/ dhcpcd5/ 9.4.1-21/ +build/ 26015669/ +files/ buildlog_ ubuntu- mantic- amd64.dhcpcd5_ 9.4.1-21_ BUILDING. txt.gz
- The package runs a test suite on build time, if it fails
it makes the build fail, link to build log
https:/
The tests are very trivial, not related to its core functionality. /github. com/NetworkConf iguration/ dhcpcd/ tree/master/ tests
https:/
- The package does have failing autopkgtests tests right now, but since /autopkgtest. ubuntu. com/packages/ d/dhcpcd5
they always fail, they are handled as "ignored failure".
https:/
dhcpcd itself conflicts/replaces isc-dhcp-client, which is needed by ubuntu-minimal. /ci.debian. net/packages/ d/dhcpcd5/
So Ubuntu autopkgtest can't run the tests.
We want to drop isc-dhcp-client in the future, so it should be ok currently.
Notably, the tests pass on Debian, https:/
[Quality assurance - packaging] /salsa. debian. org/debian/ dhcpcd5/ -/commit/ 4fe065dbf546e4e 79b0327cb91dc88 3a34380a88 /launchpad. net/ubuntu/ +source/ dhcpcd5/ 9.4.1-21/ +build/ 26015669/ +files/ buildlog_ ubuntu- mantic- amd64.dhcpcd5_ 9.4.1-21_ BUILDING. txt.gz distribution- does-not- match-changes- file unstable != mantic [usr/share/ doc/dhcpcd/ changelog. Debian. gz:1] distribution- does-not- match-changes- file unstable != mantic [usr/share/ doc/dhcpcd- base/changelog. Debian. gz:1] distribution- does-not- match-changes- file unstable != mantic [usr/share/ doc/dhcpcd5/ changelog. Debian. gz:1] and-changes- mismatch mantic unstable man-db/ zsoelim | /usr/libexec/ man-db/ manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/ man/man5/ dhcpcd. conf.5. gz:1] man-db/ zsoelim | /usr/libexec/ man-db/ manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/ man/man8/ dhcpcd- run-hooks. 8.gz:1] man-db/ zsoelim | /usr/libexec/ man-db/ manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/ man/man8/ dhcpcd. 8.gz:1]
- debian/watch is present but not works because upstream no longer provides
tarball on their website.
It has been fixed in https:/
not uploaded yet.
- debian/control defines a correct Maintainer field (no Ubuntu delta)
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https:/
- Please attach the full output you have got from
W: dhcpcd: changelog-
W: dhcpcd-base: changelog-
W: dhcpcd5: changelog-
W: dhcpcd5 changes: distribution-
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/
W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/
- Lintian overrides are not present /salsa. debian. org/debian/ dhcpcd5/ -/blob/ debian/ sid/debian/ rules
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf
questions higher than medium (no debconf questions)
- Packaging and build is easy, link to debian/rules
https:/
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be Foundations team
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last
test rebuild
[Background information] /github. com/NetworkConf iguration/ dhcpcd /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 1026169
- The Package description explains the package well
- Upstream Name is dhcpcd
- Link to upstream project https:/
- The source package may be renamed to dhcpcd as requested in
https:/