
Re: squeeze update of dnsmasq?



> On 16/05/15 11:26, Santiago Ruano Rincón wrote:
> > Hi Simon,
> > 
> > On Fri, May 15, 2015 at 04:24:30PM +0200, Santiago Ruano Rincón
> > wrote: ...
> >> I'm attaching the clean patch to fix CVE-2015-3294.
> > 
> > These other CVEs are related to each other and still affect dnsmasq
> > in squeeze and wheezy:
> > https://security-tracker.debian.org/tracker/CVE-2012-3411 
> > https://security-tracker.debian.org/tracker/CVE-2013-0198
> > 
> > As far as I understand, your fix to those bugs introduces the new 
> > --bind-dynamic option in dnsmasq. This fix also depends on libvirt,
> > that needs to be modified to pass --bind-dynamic instead of 
> > --bind-interfaces. Please, correct me if I'm wrong.
> > 
> > Given that in Debian they have been classified as low priority, do
> > you think it's worth adapting those changes into squeeze and
> > wheezy?
> > 
> 
> Your analysis is correct, and I think it's really not worth the
> (large) amount of effort required.
> 

Ok. Thanks for your answer!

Santiago
