projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4f3fdf1) | patch
dnsmasq: security bump to version 2.78
authorBaruch Siach <baruch@tkos.co.il>
Mon, 2 Oct 2017 17:38:25 +0000 (20:38 +0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mon, 2 Oct 2017 18:58:20 +0000 (20:58 +0200)
commite77fdc90e320ff38d56d8e5c97fc783e8fbb76bb
tree304a199c6a8ba5da6c2b53bb2c62d7d191e867f3tree
parent4f3fdf1544d7aacfd36fdb13ddece4b82753147ecommit | diff
dnsmasq: security bump to version 2.78

Supported Lua version is now 5.2.

Add licenses hash.

Fixes a number of security issues:

CVE-2017-13704 - Crash when DNS query exceeded 512 bytes (a regression
in 2.77, so technically not fixed by this bump)

CVE-2017-14491 - Heap overflow in DNS code

CVE-2017-14492 - Heap overflow in IPv6 router advertisement code

CVE-2017-14493 - Stack overflow in DHCPv6 code

CVE-2017-14494 - Information leak in DHCPv6

CVE-2017-14496 - Invalid boundary checks allows a malicious DNS queries
to trigger DoS

CVE-2017-14495 - Out-of-memory Dos vulnerability

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/dnsmasq/dnsmasq.hash diff | blob | history
package/dnsmasq/dnsmasq.mk diff | blob | history