UbuntuUpdates.org

Package "dnsmasq"

Name: dnsmasq

Description:

Small caching DNS proxy and DHCP/TFTP server
Latest version: 2.90-0ubuntu0.20.04.1
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "dnsmasq"

All arch deb package
APT INSTALL

Other versions of "dnsmasq" in Focal

Repository Area Version
base universe 2.80-1.1ubuntu1
base main 2.80-1.1ubuntu1
security main 2.90-0ubuntu0.20.04.1
security universe 2.90-0ubuntu0.20.04.1
updates main 2.90-0ubuntu0.20.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.80-1.1ubuntu1.3 2021-02-24 16:07:54 UTC

  dnsmasq (2.80-1.1ubuntu1.3) focal-security; urgency=medium

  * SECURITY REGRESSION: issue with multiple queries and issue with retries
    (LP: #1916462)
    - backport multiple upstream commits to fix regressions
      + 04490bf622ac84891aad6f2dd2edf83725decdee
      + 12af2b171de0d678d98583e2190789e544440e02
      + 3f535da79e7a42104543ef5c7b5fa2bed819a78b
      + 25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
      + 141a26f979b4bc959d8e866a295e24f8cf456920
      + 305cb79c5754d5554729b18a2c06fe7ce699687a

 -- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 07:58:11 -0500
Source diff to previous version
1916462 dnsmasq failed to send packet: Network is unreachable

Version: 2.80-1.1ubuntu1.2 2021-01-19 15:07:15 UTC

  dnsmasq (2.80-1.1ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - CVE-2020-25681: heap overflow in RRSets sorting
    - CVE-2020-25682: buffer overflow in extracting names from DNS packets
    - CVE-2020-25683: heap overflow in DNSSEC validation
    - CVE-2020-25684: cache poisoning issue via address/port
    - CVE-2020-25685: cache poisoning issue via weak hash
    - CVE-2020-25686: birthday attack via incorrect existing requests check
    - CVE-2020-25687: heap overflow in DNSSEC validation
    - CVE-2019-14834: memory leak via DHCP response creation

 -- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:59:59 -0500
CVE-2020-25681 RESERVED
CVE-2020-25682 RESERVED
CVE-2020-25683 RESERVED
CVE-2020-25684 RESERVED
CVE-2020-25685 RESERVED
CVE-2020-25686 RESERVED
CVE-2020-25687 RESERVED
CVE-2019-14834 A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumpt


About   -   Send Feedback to @ubuntu_updates