new file mode 100644

@@ -0,0 +1,40 @@

+diff -ru dhcp-4.3.3-P1/includes/site.h dhcp-4.3.3-P1-new/includes/site.h

+--- dhcp-4.3.3-P1/includes/site.h	2015-12-16 17:06:15.000000000 -0800

+@@ -292,6 +292,12 @@

+    this option will be removed at some time. */

+ /* #define INCLUDE_OLD_DHCP_ISC_ERROR_CODES */

+ 

++/* Limit the value of a file descriptor the serve will use

++   when accepting a connecting request.  This can be used to

++   limit the number of TCP connections that the server will

++   allow at one time.  A value of 0 means there is no limit.*/

++#define MAX_FD_VALUE 200

++

+ /* Include definitions for various options.  In general these

+    should be left as is, but if you have already defined one

+    of these and prefer your definition you can comment the 

+diff -ru dhcp-4.3.3-P1/omapip/listener.c dhcp-4.3.3-P1-new/omapip/listener.c

+--- dhcp-4.3.3-P1/omapip/listener.c	2015-12-16 17:06:15.000000000 -0800

+@@ -3,7 +3,7 @@

+    Subroutines that support the generic listener object. */

+ 

+ /*

+- * Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC")

++ * Copyright (c) 2012,2014,2016 by Internet Systems Consortium, Inc. ("ISC")

+  * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC")

+  * Copyright (c) 1999-2003 by Internet Software Consortium

+  *

+@@ -233,6 +233,11 @@

+ 			return ISC_R_NORESOURCES;

+ 		return ISC_R_UNEXPECTED;

+ 	}

++

++	if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) {

++		close(socket);

++		return (ISC_R_NORESOURCES);

++	}

+ 	

+ #if defined (TRACING)

+ 	/* If we're recording a trace, remember the connection. */

@@ -1,7 +1,7 @@

 Summary:	Dynamic host configuration protocol

 Name:		dhcp

 Version:	4.3.3

-Release:	1%{?dist}

+Release:	2%{?dist}

 License:	ISC

 Url:      	http://isc.org/products/DHCP/

 Source0:  	ftp://ftp.isc.org/isc/%{name}/%{version}/%{name}-%{version}-P1.tar.gz

@@ -10,7 +10,7 @@ Group:		System Environment/Base

 Vendor:		VMware, Inc.

 Distribution:	Photon

 Patch0:		http://www.linuxfromscratch.org/patches/blfs/svn/dhcp-4.3.3-P1-client_script-1.patch

-#Patch1:     http://www.linuxfromscratch.org/patches/blfs/svn/dhcp-4.3.3-P1-missing_ipv6-1.patch

+Patch1:         dhcp-4.3.3-CVE-2016-2774.patch

 BuildRequires:	systemd

 %description

 The ISC DHCP package contains both the client and server programs for DHCP. dhclient (the client) is used for connecting to a network which uses DHCP to assign network addresses. dhcpd (the server) is used for assigning network addresses on private networks

@@ -42,7 +42,7 @@ The ISC DHCP Client, dhclient, provides a means for configuring one or more netw

 %prep

 %setup -qn %{name}-%{version}-P1

 %patch0 -p1

-#%patch1 -p1

+%patch1 -p1

 %build

 CFLAGS="-D_PATH_DHCLIENT_SCRIPT='\"/sbin/dhclient-script\"'         \

         -D_PATH_DHCPD_CONF='\"/etc/dhcp/dhcpd.conf\"'               \

@@ -147,7 +147,9 @@ install -v -dm 755 %{buildroot}/var/lib/dhclient

 %{_mandir}/man8/dhclient.8.gz

 %changelog

-*   Fri Jan 22 2016 Xiaolin Li <xiaolinl@vmware.com> 4.3.3-1

--   Updated to version 4.3.3

+* 	Wed Mar 30 2016 Anish Swaminathan <anishs@vmware.com>  4.3.3-2

+- 	Add patch for CVE-2016-2774

+*   	Fri Jan 22 2016 Xiaolin Li <xiaolinl@vmware.com> 4.3.3-1

+-   	Updated to version 4.3.3

 *	Wed Jul 15 2015 Divya Thaluru <dthaluru@vmware.com> 4.3.2-1

 -	Initial build./