I've prepared a security update for dnsmasq in wheezy, fixing the relevant CVEs: * CVE-2017-14491: DNS heap buffer overflow * CVE-2017-14492: DHCPv6 RA heap overflow * CVE-2017-14494: Infoleak handling DHCPv6 forwarded requests * CVE-2017-14496: Integer underflow in DNS response creation I checked that the package builds cleanly, the daemon runs and answers DNS requests. But I'm not familiar with this package so I would appreciate some wider testing before uploading. The updated source and amd64 binaries are available under <https://people.debian.org/~benh/packages/wheezy-security/>. Ben. -- Ben Hutchings - Debian developer, member of kernel, installer and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part