UbuntuUpdates.org

Package "dnsmasq-base-lua"

Name: dnsmasq-base-lua

Description:

Small caching DNS proxy and DHCP/TFTP server

Latest version: 2.90-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: dnsmasq
Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html

Links


Download "dnsmasq-base-lua"


Other versions of "dnsmasq-base-lua" in Jammy

Repository Area Version
base universe 2.86-1.1
security universe 2.90-0ubuntu0.22.04.1

Changelog

Version: 2.90-0ubuntu0.22.04.1 2024-02-26 16:07:01 UTC

  dnsmasq (2.90-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Updated to 2.90 to fix multiple security issues.
    - debian/rules: specify lua version with LUA.
    - CVE-2023-50387, CVE-2023-50868
  * Convert package to source format 3.0 to ease maintenance going forward.

 -- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 14:23:43 -0500

Source diff to previous version
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU
CVE-2023-50868 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of se

Version: 2.86-1.1ubuntu0.5 2024-01-31 20:08:02 UTC

  dnsmasq (2.86-1.1ubuntu0.5) jammy; urgency=medium

  * src/dnsmasq.c: Fix a crash that can happen when an empty resolv.conf is
    reloaded (LP: #2045570)
  * src/helper.c: Fix wrong client address for dhcp-script when DHCPv4 relay
    in use (LP: #2042587)

 -- Andreas Hasenack <email address hidden> Thu, 11 Jan 2024 09:21:27 -0300

Source diff to previous version
2045570 dnsmasq crash when no servers in resolv.conf
2042587 jammy's version breaks existing dhcp scripts with relay

Version: 2.86-1.1ubuntu0.4 2024-01-09 22:06:59 UTC

  dnsmasq (2.86-1.1ubuntu0.4) jammy; urgency=medium

  * src/dnsmasq.h, src/domain-match.c: Fix confusion when using resolvconf
    servers (combining server|address for a domain), resulting in the struct
    server datastructure for server=/domain/# getting passed to
    forward_query(), rapidly followed by a SEGV. This fix makes
    server=/domain/# a fully fledged member of the priority list.
    The code added here is a cherry pick released in upstream version
    2.87, originating at
    https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=de372d69
    (LP: #2015562)

 -- Miriam España Acebal <email address hidden> Thu, 20 Apr 2023 11:00:27 +0200

Source diff to previous version
2015562 [SRU] Segfault in dnsmasq when using certain static domain entries + DoH (bugfix possibly exists upstream)

Version: 2.86-1.1ubuntu0.3 2023-04-20 13:07:13 UTC

  dnsmasq (2.86-1.1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: IP fragmentation
    - src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
      dnsflagday 2020.
    - man/dnsmasq.8: updating documentation to reflect new default max
      EDNS_PKTSZ.
    - eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
    - CVE-2023-28450

 -- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:11:46 +0300

Source diff to previous version
CVE-2023-28450 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day

Version: 2.86-1.1ubuntu0.2 2023-03-29 02:06:53 UTC

  dnsmasq (2.86-1.1ubuntu0.2) jammy; urgency=medium

  * src/forward.c: Do not refuse retries from client DNS queries. Behaviour to
    stop infinite loops when all servers return REFUSED was wrongly activated
    on client retries, resulting in incorrect REFUSED replies to client
    retries. The code added here is a cherry pick released in upstream version
    2.87, originating at
    https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2561f9fe0eb9c0be
    (LP: #1981794)

 -- Lena Voytek <email address hidden> Fri, 14 Oct 2022 14:39:41 -0700

1981794 Duplicate/retried DNS queries fail with REFUSED (Fixed in upstream)



About   -   Send Feedback to @ubuntu_updates