Re: Call for testing: dnsmasq security update

To: Ben Hutchings <benh@debian.org>
Cc: Debian LTS <debian-lts@lists.debian.org>
Subject: Re: Call for testing: dnsmasq security update
From: Guido Günther <agx@sigxcpu.org>
Date: Thu, 5 Oct 2017 19:33:14 +0200
Message-id: <[🔎] 20171005173314.mg4zjj5l6klrrjjz@bogon.m.sigxcpu.org>
Mail-followup-to: Guido Günther <agx@sigxcpu.org>, Ben Hutchings <benh@debian.org>, Debian LTS <debian-lts@lists.debian.org>
In-reply-to: <[🔎] 1507221069.2677.57.camel@debian.org>
References: <[🔎] 1507221069.2677.57.camel@debian.org>

Hi Ben,
On Thu, Oct 05, 2017 at 05:31:09PM +0100, Ben Hutchings wrote:
> I've prepared a security update for dnsmasq in wheezy, fixing the
> relevant CVEs:
> 
>   * CVE-2017-14491: DNS heap buffer overflow
>   * CVE-2017-14492: DHCPv6 RA heap overflow
>   * CVE-2017-14494: Infoleak handling DHCPv6 forwarded requests
>   * CVE-2017-14496: Integer underflow in DNS response creation
> 
> I checked that the package builds cleanly, the daemon runs and answers
> DNS requests.  But I'm not familiar with this package so I would
> appreciate some wider testing before uploading.
> 
> The updated source and amd64 binaries are available under
> <https://people.debian.org/~benh/packages/wheezy-security/>.

I did some testing of the dnsmasq-base package runnig as dhcp provider
as spawned by libvirt and it still works as expected.
Cheers,
 -- Guido

Reply to:

Follow-Ups:
- Re: Call for testing: dnsmasq security update
  - From: Ben Hutchings <benh@debian.org>

References:
- Call for testing: dnsmasq security update
  - From: Ben Hutchings <benh@debian.org>

Prev by Date: Call for testing: dnsmasq security update
Next by Date: Re: Call for testing: dnsmasq security update
Previous by thread: Call for testing: dnsmasq security update
Next by thread: Re: Call for testing: dnsmasq security update
Index(es):
- Date
- Thread