Univention Bugzilla – Bug 38379
dnsmasq: Denial of service (4.1)
Last modified: 2017-11-08 16:06:42 CET
Crash on receipt of certain malformed DNS requests (CVE-2015-3294) Patch in upstream 2.73rc4: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
Fix available upstream in Debian package version 2.62-3+deb7u2
Regression fixed in 2.62-3+deb7u3
2.62-3+deb7u4 fixes: * DNS heap buffer overflow (CVE-2017-14491) * DHCPv6 RA heap overflow (CVE-2017-14492) * Infoleak handling DHCPv6 forwarded requests (CVE-2017-14494)
Advisory: dnsmasq.yaml
OK - dnsmasq dnsmasq -d -q dnsmasq: gestartet, Version 2.62, Cachegröße 150 dnsmasq: Übersetzungsoptionen: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack dnsmasq: lese /etc/resolv.conf dnsmasq: Benutze Namensserver 192.168.0.3#53 dnsmasq: ignoriere Namensserver 10.200.7.150 - lokale Schnittstelle dnsmasq: /etc/hosts gelesen - 7 Adressen dnsmasq: query[A] ping.de from 10.200.7.150 dnsmasq: forwarded ping.de to 192.168.0.3 dnsmasq: reply ping.de is 83.97.42.2 dnsmasq: query[A] ping.de from 10.200.7.150 dnsmasq: cached ping.de is 83.97.42.2 OK - YAML
<http://errata.software-univention.de/ucs/4.1/481.html>