UbuntuUpdates.org

Package "dnsmasq"

Name: dnsmasq

Description:

Small caching DNS proxy and DHCP/TFTP server

Latest version: 2.90-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: security
Repository: universe
Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html

Links


Download "dnsmasq"


Other versions of "dnsmasq" in Jammy

Repository Area Version
base main 2.86-1.1
base universe 2.86-1.1
security main 2.90-0ubuntu0.22.04.1
updates universe 2.90-0ubuntu0.22.04.1
updates main 2.90-0ubuntu0.22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.90-0ubuntu0.22.04.1 2024-02-26 15:07:13 UTC

  dnsmasq (2.90-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Updated to 2.90 to fix multiple security issues.
    - debian/rules: specify lua version with LUA.
    - CVE-2023-50387, CVE-2023-50868
  * Convert package to source format 3.0 to ease maintenance going forward.

 -- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 14:23:43 -0500

Source diff to previous version
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU
CVE-2023-50868 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of se

Version: 2.86-1.1ubuntu0.3 2023-04-20 10:07:20 UTC

  dnsmasq (2.86-1.1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: IP fragmentation
    - src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
      dnsflagday 2020.
    - man/dnsmasq.8: updating documentation to reflect new default max
      EDNS_PKTSZ.
    - eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
    - CVE-2023-28450

 -- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:11:46 +0300

Source diff to previous version
CVE-2023-28450 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day

Version: 2.86-1.1ubuntu0.1 2022-05-10 19:06:25 UTC

  dnsmasq (2.86-1.1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap use after free
    - debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
      DHCPv6 code in src/rfc3315.c.
    - CVE-2022-0934

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 02 May 2022 12:09:51 -0300




About   -   Send Feedback to @ubuntu_updates