From the annoucement:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html
"There are broadly two sets of problems. The first is subtle errors in
dnsmasq's protections against the chronic weakness of the DNS protocol
to cache-poisoning attacks; the Birthday attack, Kaminsky, etc. [...]
[...] the second set of errors is a good old fashioned buffer overflow
in dnsmasq's DNSSEC code."
Fixes CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684,
CVE-2020-25685, CVE-2020-25686 and CVE-2020-25687
Details: https://www.jsof-tech.com/disclosures/dnspooq
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
# Locally calculated after checking pgp signature
-# http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.82.tar.xz.asc
-sha256 84523646f3116bb5e1151efb66e645030f6e6a8256f29aab444777a343ebc132 dnsmasq-2.82.tar.xz
+# https://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.83.tar.xz.asc
+sha256 ffc1f7e8b05e22d910b9a71d09f1128197292766dc7c54cb7018a1b2c3af4aea dnsmasq-2.83.tar.xz
# Locally calculated
sha256 dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa COPYING
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING-v3
#
################################################################################
-DNSMASQ_VERSION = 2.82
+DNSMASQ_VERSION = 2.83
DNSMASQ_SOURCE = dnsmasq-$(DNSMASQ_VERSION).tar.xz
DNSMASQ_SITE = http://thekelleys.org.uk/dnsmasq
DNSMASQ_MAKE_ENV = $(TARGET_MAKE_ENV) CC="$(TARGET_CC)"
projects / buildroot.git / commitdiff