Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3251-2] dnsmasq regression update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3251-2] dnsmasq regression update


Chronologisch Thread 
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3251-2] dnsmasq regression update
  • Date: Thu, 07 May 2015 20:58:13 +0000
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <carnil AT master.debian.org>
  • Priority: urgent
  • Resent-date: Thu, 7 May 2015 20:58:30 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <C2Y8b7IEP9F.A.Sw.2H9SVB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3251-2 security AT debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
May 07, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dnsmasq
Debian Bug : 784571

The update for dnsmasq issued as DSA-3251-1 introduced a regression for
the armel and armhf builds causing dnsmasq failing to start under
certain configurations. Updated packages are now available to address
this regression. Additionally dnsmasq was patched to handle the case
were the libc headers defined SO_REUSEPORT, but is not supported by the
running kernel. For reference, the original advisory text follows.

Nick Sampanis discovered that dnsmasq, a small caching DNS proxy and
DHCP/TFTP server, did not properly check the return value of the
setup_reply() function called during a TCP connection, which is used
then as a size argument in a function which writes data on the client's
connection. A remote attacker could exploit this issue via a specially
crafted DNS request to cause dnsmasq to crash, or potentially to obtain
sensitive information from process memory.

For the oldstable distribution (wheezy), this problem has been fixed
in version 2.62-3+deb7u3.

We recommend that you upgrade your dnsmasq packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVS9GaAAoJEAVMuPMTQ89E7wUQAJDnaVaPSOorhHrDTFyKEZin
w+jv2TQWNhREsUzh8nzKyJJItYCmfatlsyaG/A+yMPIwo9UhaEKm6NAQUOaTFYRC
nVJPHVIOAjZ7dYvWKatURV6v+wjGf1/8UiVrGURyU1TKOhanJkg52t54QDZEBZ2z
UKSYqciUsb8h7jP9XyricVZtRyIx6hY+nS9JfOOnjRThnLJ3hSNyzY19u00qbHHm
76IgFUEJjSuLdQfHRdRh7TN+bxlyOOdKZbEmjVih7/m1PHsAIbn0b2zTKcfIAaJL
RBhXQknKCpXDCLX4yrnjnrESXN/+8PSlTWfvuz4z1rZc7WGaeD/mHNVAVb+i+H0o
ql7zXEosszgCs6hKR4VmjFlv8tjYzuEvktn0Zm9j0tnlBp+qlh7epX5zRs8tc0z4
B86AojW/0V4bxle26eVb/05sGKacMKcqKYw9fAxsjVpQvis6Hlj1PY11aX6tLcpA
doaqB5VMN1M0ykQcI2C0wx1679GjwXZn3Nya1dS291Asu9pKygO/oqlJpDzUj/uc
zKSh2xdjig/eri/TCJnqx74gxCA4PwcNTD8N1GwAgqt7WMDwGFVjggk/AiPbhScn
n3E3Jp5t5by1pTZQSVmSCERSj/oGFKecLtxKVo+05zJqbXwCPauwiBAmforpzSZK
h2+EXeMGmAN9pX5XKxtq
=GYLP
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: E1YqSs1-000538-8Z AT master.debian.org">https://lists.debian.org/E1YqSs1-000538-8Z AT master.debian.org




  • [IT-SecNots] [SECURITY] [DSA 3251-2] dnsmasq regression update, Salvatore Bonaccorso, 07.05.2015

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang