-
dnsmasq (2.79-1ubuntu0.7) bionic-security; urgency=medium
* SECURITY UPDATE: IP fragmentation
- src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
dnsflagday 2020.
- man/dnsmasq.8: updating documentation to reflect new default max
EDNS_PKTSZ.
- eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
- CVE-2023-28450
-- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:21:55 +0300
-
dnsmasq (2.79-1ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: Heap use after free
- debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 18 Apr 2022 12:41:06 -0300
-
dnsmasq (2.79-1ubuntu0.5) bionic; urgency=medium
* src/forward.c: add missing EDNS0 section. (LP: #1785383)
-- Paride Legovini <email address hidden> Fri, 24 Sep 2021 13:05:51 +0200
-
dnsmasq (2.79-1ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: fixed port use when specific server is requested
- 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
- CVE-2021-3448
-- Marc Deslauriers <email address hidden> Thu, 06 May 2021 12:34:24 -0400
-
dnsmasq (2.79-1ubuntu0.3) bionic-security; urgency=medium
* SECURITY REGRESSION: issue with multiple queries and issue with retries
(LP: #1916462)
- backport multiple upstream commits to fix regressions
+ 04490bf622ac84891aad6f2dd2edf83725decdee
+ 12af2b171de0d678d98583e2190789e544440e02
+ 3f535da79e7a42104543ef5c7b5fa2bed819a78b
+ 25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
+ 141a26f979b4bc959d8e866a295e24f8cf456920
+ 305cb79c5754d5554729b18a2c06fe7ce699687a
-- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 08:02:05 -0500
-
dnsmasq (2.79-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
- CVE-2019-14834: memory leak via DHCP response creation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:59:59 -0500
-
dnsmasq (2.79-1) unstable; urgency=low
* New upstream. (closes: #888200)
* Fix trust-anchor regex in init script. (closes: #884347)
* Fix exit code for dhcp_release6 (closes: #833596)
* Add project homepage to control file. (closes: #887764)
* New binary package dnsmasq-base-lua, includes Lua support.
* Remove hardwired shlibs dependency for libnettle 3.3 and
fix code to avoid ABI breakage as long as compiled against
libnettle 3.4 or later. (closes: #891315)
-- Simon Kelley <email address hidden> Fri, 16 Feb 2018 19:54:22 +0000
-
dnsmasq (2.78-3) unstable; urgency=high
* Make failure of pidfile chown a warning. (closes: #889857)
-- Simon Kelley <email address hidden> Thu, 8 Feb 2018 21:26:30 +0000
-
dnsmasq (2.78-2) unstable; urgency=high
* Change ownership of pid file, to keep systemd happy. (closes: #889336)
-- Simon Kelley <email address hidden> Tue, 6 Feb 2018 17:21:30 +0000
-
dnsmasq (2.78-1) unstable; urgency=high
* New upstream.
Security fixes for CVE-2017-13704 (closes: #877102)
Security fixes for CVE-2017-14491 - CVE-2017-14496 inclusive.
-- Simon Kelley <email address hidden> Sun, 29 Sep 2017 21:34:00 +0000
