Change log for dnsmasq package in Ubuntu
| 1 → 75 of 160 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
dnsmasq (2.90-2build2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 08:48:56 +0000
Available diffs
- diff from 2.90-2build1 to 2.90-2build2 (306 bytes)
dnsmasq (2.90-3) unstable; urgency=medium
* Update d/control:
- Add passwd to Depends of dnsmasq-base(-lua) (closes: #1064518).
- Update the Vcs-* fields (closes: #1065347).
- Fix lintian issue build-depends-on-obsolete-package.
- Add myself as uploader.
* Update d/copyright:
- Fix lintian issue missing-field-in-dep5-copyright.
* Add missing CVE number to the 2.90-1 change log.
-- Sven Geuer <email address hidden> Sat, 09 Mar 2024 20:18:53 +0100
dnsmasq (2.90-2build1) noble; urgency=medium * No-change rebuild against libhogweed6t64 -- Steve Langasek <email address hidden> Sun, 03 Mar 2024 06:22:49 +0000
Available diffs
- diff from 2.90-2 (in Debian) to 2.90-2build1 (572 bytes)
dnsmasq (2.90-0ubuntu0.20.04.1) focal-security; urgency=medium
* Updated to 2.90 to fix multiple security issues.
- debian/rules: specify lua version with LUA.
- CVE-2023-50387, CVE-2023-50868
* Convert package to source format 3.0 to ease maintenance going forward.
-- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 14:58:58 -0500
Available diffs
dnsmasq (2.90-0ubuntu0.22.04.1) jammy-security; urgency=medium
* Updated to 2.90 to fix multiple security issues.
- debian/rules: specify lua version with LUA.
- CVE-2023-50387, CVE-2023-50868
* Convert package to source format 3.0 to ease maintenance going forward.
-- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 14:23:43 -0500
Available diffs
dnsmasq (2.90-0ubuntu0.23.10.1) mantic-security; urgency=medium
* Updated to 2.90 to fix multiple security issues.
- debian/rules: specify lua version with LUA.
- CVE-2023-28450, CVE-2023-50387, CVE-2023-50868
* Convert package to source format 3.0 to ease maintenance going forward.
-- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 13:35:34 -0500
Available diffs
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
dnsmasq (2.90-2) unstable; urgency=medium
[ Sven Geuer ]
* Relax limits imposed by d/t/functions.d/ip-addr.patterns to allow for
successful tests on ci.debian.net.
-- Simon Kelley <email address hidden> Wed, 14 Feb 2024 11:33:14 +0000
Available diffs
- diff from 2.89-1 to 2.90-2 (97.8 KiB)
- diff from 2.90-1 to 2.90-2 (568 bytes)
dnsmasq (2.90-1) unstable; urgency=medium
[ Simon Kelley ]
* New upstream. (closes: #1033165)
* Move hard-coding of Lua version from the upstream Makefile
to d/rules.
* Security fixes for Keytrap - DNSSEC validation CPU exhaustion.
CVE-2023-50387 and CVE-2023-50868
[ Sven Geuer ]
* Introduce autokpgtests per d/tests/* (closes: #1034135).
* Switch to dpkg-source 3.0 (quilt) format (closes: #1007041).
* doc.html: Add patch to eliminate privacy breaches leaving the Donations
paragraph as untouched as possible.
* Prepend dnsmasq. to default, init, preinst, postinst, prerm, postrm.
* Rename d/systemd.service to d/dnsmasq.service.
* Rename d/systemd@.service to d/dnsmasq@.service.
* Refactor d/rules to use the DH sequencer and fix major lintian issues
(closes: #844989, #1040923, #1063551).
Modified files:
- d/rules
Complete rewrite making use of debhelper and its tools, fixes lintian
warning debian-rules-sets-dpkg-architecture-variable.
- d/control
Build-Depends, Pre-Depends, Depends added or changed as needed, lintian
error depends-on-obsolete-package fixed.
- d/dnsmasq.default
ENABLED removed and comment changed to fix lintian error
init.d-script-should-always-start-service.
- d/dnsmasq.init
Remove handling of obsolete ENABLED flag.
Extract code used with System-V-style init and systemd into
d/init-system-common, extract code used with systemd only
into d/systemd-helper. This fixes lintian warning
systemd-service-file-wraps-init-script.
Drop workaround for hypothetically non-existent file
/lib/lsb/init-functions, it has been around for more than a decade.
- d/dnsmasq.service, d/dnsmasq@.service
Adapt these files to make use of init-system-common and systemd-helper.
- d/dnsmasq.{post,pre}{inst,rm}
Rely mostly on the script snippets created by the DH tools to get
things done, implicitly fixes the lintian warnings
maintainer-script-should-not-use-dpkg-maintscript-helper and
command-with-path-in-maintainer-script.
- d/resolvconf*
Change file mode bits to 0755, the installed files need it
New files:
- d/dnsmasq.{install,links,maintscript}
- d/dnsmasq-base.{dirs,docs,install}
- d/dnsmasq-base-lua.{dirs,docs,install,links}
- d/dnsmasq-utils.{install,manpages}
The DH tools use these to install what was scripted explicitly
in the previous version of the d/rules file,
lintian warning dbus-policy-in-etc fixed
- d/init-system-common
- d/systemd-helper
These files contain slightly modified code formerly part of in
d/dnsmasq.init.
Deleted files:
- d/*conffiles
- d/lintian-override
- d/installed-marker
These are not in use anymore.
* Deal with a removed conffile and changed links.
Modified files:
- d/dnsmasq-base.{postinst,postrm}
New files:
- d/dnsmasq-base.maintscript
- d/dnsmasq-base-lua.maintscript
* Add watch file and upstream's signing key.
New files:
- d/watch
- d/u/signing-key.asc
* Remove dependency on package adduser.
Modified files:
- d/control
- d/dnsmasq.post{inst,rm}
* Refactor d/copyright to comply with DEP 5 (closes: #966505).
* Remove trailing whitespace from various files under debian/.
* Bump Standards-Version to 4.6.2.
* Specify Rules-Requires-Root.
* Update http:// to https:// with Homepage, Vcs-Git and Vcs-Browser.
* Introduce d/u/metadata.
* Fix lintian issue duplicate-short-description.
* Fix lintian issue capitalization-error-in-description.
* Bump Lua version to 5.4 (closes: #1050750).
Modified files:
- d/control
- d/t/functions.d/log.patterns
-- Simon Kelley <email address hidden> Fri, 23 Jan 2024 22:52:01 +0000
dnsmasq (2.86-1.1ubuntu0.5) jammy; urgency=medium
* src/dnsmasq.c: Fix a crash that can happen when an empty resolv.conf is
reloaded (LP: #2045570)
* src/helper.c: Fix wrong client address for dhcp-script when DHCPv4 relay
in use (LP: #2042587)
-- Andreas Hasenack <email address hidden> Thu, 11 Jan 2024 09:21:27 -0300
Available diffs
- diff from 2.86-1.1ubuntu0.4 to 2.86-1.1ubuntu0.5 (972 bytes)
dnsmasq (2.86-1.1ubuntu0.4) jammy; urgency=medium
* src/dnsmasq.h, src/domain-match.c: Fix confusion when using resolvconf
servers (combining server|address for a domain), resulting in the struct
server datastructure for server=/domain/# getting passed to
forward_query(), rapidly followed by a SEGV. This fix makes
server=/domain/# a fully fledged member of the priority list.
The code added here is a cherry pick released in upstream version
2.87, originating at
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=de372d69
(LP: #2015562)
-- Miriam España Acebal <email address hidden> Thu, 20 Apr 2023 11:00:27 +0200
Available diffs
dnsmasq (2.86-1.1ubuntu2.1) kinetic-security; urgency=medium
* SECURITY UPDATE: IP fragmentation
- src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
dnsflagday 2020.
- man/dnsmasq.8: updating documentation to reflect new default max
EDNS_PKTSZ.
- eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
- CVE-2023-28450
-- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:23:04 +0300
Available diffs
dnsmasq (2.86-1.1ubuntu0.3) jammy-security; urgency=medium
* SECURITY UPDATE: IP fragmentation
- src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
dnsflagday 2020.
- man/dnsmasq.8: updating documentation to reflect new default max
EDNS_PKTSZ.
- eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
- CVE-2023-28450
-- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:11:46 +0300
Available diffs
dnsmasq (2.80-1.1ubuntu1.7) focal-security; urgency=medium
* SECURITY UPDATE: IP fragmentation
- src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
dnsflagday 2020.
- man/dnsmasq.8: updating documentation to reflect new default max
EDNS_PKTSZ.
- eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
- CVE-2023-28450
-- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:12:00 +0300
Available diffs
dnsmasq (2.79-1ubuntu0.7) bionic-security; urgency=medium
* SECURITY UPDATE: IP fragmentation
- src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
dnsflagday 2020.
- man/dnsmasq.8: updating documentation to reflect new default max
EDNS_PKTSZ.
- eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
- CVE-2023-28450
-- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:21:55 +0300
Available diffs
- diff from 2.79-1ubuntu0.6 to 2.79-1ubuntu0.7 (38.2 KiB)
dnsmasq (2.86-1.1ubuntu0.2) jammy; urgency=medium
* src/forward.c: Do not refuse retries from client DNS queries. Behaviour to
stop infinite loops when all servers return REFUSED was wrongly activated
on client retries, resulting in incorrect REFUSED replies to client
retries. The code added here is a cherry pick released in upstream version
2.87, originating at
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2561f9fe0eb9c0be
(LP: #1981794)
-- Lena Voytek <email address hidden> Fri, 14 Oct 2022 14:39:41 -0700
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
dnsmasq (2.89-1) unstable; urgency=low * New upstream. -- Simon Kelley <email address hidden> Fri, 13 Jan 2023 21:57:01 +0000
Available diffs
- diff from 2.88-1 to 2.89-1 (5.8 KiB)
dnsmasq (2.88-1) unstable; urgency=low
* New upstream.
* Fix loss of server configuration (closes: #1020830)
Git commit 930428fb970f4991e5c2933fd5a5d2504c18a551
-- Simon Kelley <email address hidden> Wed, 2 Nov 2022 22:15:45 +0000
Available diffs
- diff from 2.87-1.1 to 2.88-1 (215.1 KiB)
dnsmasq (2.80-1.1ubuntu1.6) focal; urgency=medium
* src/cache.c: Apply 162e5e0062ce923c494cc64282f293f0ed64fc10 from
upstream GIT to fix bug in DNS non-terminal code, added in 2.80,
which could sometimes cause a NODATA rather than an NXDOMAIN
reply (LP: #1995260).
-- Miriam España Acebal <email address hidden> Tue, 15 Nov 2022 10:35:15 +0100
Available diffs
dnsmasq (2.87-1.1) unstable; urgency=medium * Non-maintainer upload. * No source change upload to rebuild with debhelper 13.10. -- Michael Biebl <email address hidden> Sat, 15 Oct 2022 12:01:25 +0200
Available diffs
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
dnsmasq (2.86-1.1ubuntu2) kinetic; urgency=medium
* src/forward.c: Do not refuse retries from client DNS queries. Behaviour to
stop infinite loops when all servers return REFUSED was wrongly activated
on client retries, resulting in incorrect REFUSED replies to client
retries. The code added here is a cherry pick released in upstream version
2.87, originating at
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2561f9fe0eb9c0be
(LP: #1981794)
-- Lena Voytek <email address hidden> Fri, 30 Sep 2022 08:42:39 -0700
Available diffs
dnsmasq (2.86-1.1ubuntu1) kinetic; urgency=medium
* SECURITY UPDATE: Heap use after free
- 03345ecefeb0d82e3c3a4c28f27c3554f0611b39: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 13 Jul 2022 12:10:53 -0300
Available diffs
dnsmasq (2.86-1.1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Heap use after free
- debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 02 May 2022 12:09:51 -0300
Available diffs
dnsmasq (2.85-1ubuntu2.1) impish-security; urgency=medium
* SECURITY UPDATE: Heap use after free
- debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 18 Apr 2022 11:55:36 -0300
Available diffs
dnsmasq (2.80-1.1ubuntu1.5) focal-security; urgency=medium
* SECURITY UPDATE: Heap use after free
- debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 18 Apr 2022 12:25:39 -0300
Available diffs
dnsmasq (2.79-1ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: Heap use after free
- debian/patches/CVE-2022-0934.patch: Fix write-after-free error in
DHCPv6 code in src/rfc3315.c.
- CVE-2022-0934
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 18 Apr 2022 12:41:06 -0300
Available diffs
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
dnsmasq (2.86-1.1) unstable; urgency=medium * Non-maintainer upload. * Fix --address=/#/...... which was lost in 2.86. (closes: #995655) -- Michael Biebl <email address hidden> Wed, 10 Nov 2021 22:05:45 +0100
Available diffs
- diff from 2.85-1ubuntu2 (in Ubuntu) to 2.86-1.1 (472.3 KiB)
dnsmasq (2.79-1ubuntu0.5) bionic; urgency=medium * src/forward.c: add missing EDNS0 section. (LP: #1785383) -- Paride Legovini <email address hidden> Fri, 24 Sep 2021 13:05:51 +0200
Available diffs
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
dnsmasq (2.85-1ubuntu2) impish; urgency=medium
* Revert: "src/radv.c: avoid leases to be issued forever when not set"
(LP 1894619) according to the bug and upstream discussion.
-- Christian Ehrhardt <email address hidden> Tue, 22 Jun 2021 07:18:30 +0200
Available diffs
- diff from 2.85-1ubuntu1 to 2.85-1ubuntu2 (128.7 KiB)
dnsmasq (2.85-1ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- src/radv.c: avoid leases to be issued forever when not set
(LP 1894619)
-- Christian Ehrhardt <email address hidden> Wed, 02 Jun 2021 09:34:26 +0200
Available diffs
- diff from 2.84-1ubuntu2 to 2.85-1ubuntu1 (292.2 KiB)
dnsmasq (2.79-1ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: fixed port use when specific server is requested
- 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
- CVE-2021-3448
-- Marc Deslauriers <email address hidden> Thu, 06 May 2021 12:34:24 -0400
Available diffs
dnsmasq (2.82-1ubuntu1.3) groovy-security; urgency=medium
* SECURITY UPDATE: fixed port use when specific server is requested
- 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
- CVE-2021-3448
-- Marc Deslauriers <email address hidden> Thu, 06 May 2021 12:34:24 -0400
Available diffs
dnsmasq (2.80-1.1ubuntu1.4) focal-security; urgency=medium
* SECURITY UPDATE: fixed port use when specific server is requested
- 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
- CVE-2021-3448
-- Marc Deslauriers <email address hidden> Thu, 06 May 2021 12:34:24 -0400
Available diffs
dnsmasq (2.84-1ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: fixed port use when specific server is requested
- 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2
- CVE-2021-3448
-- Marc Deslauriers <email address hidden> Thu, 06 May 2021 12:34:24 -0400
Available diffs
dnsmasq (2.75-1ubuntu0.16.04.10) xenial-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2017-15107: wildcard NSEC records interpretation issue
+ 4fe6744a220eddd3f1749b40cac3dfc510787de6
+ cd7df612b14ec1bf831a966ccaf076be0dae7404
- CVE-2019-14513: DoS via improper bounds checking
+ d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
-- Marc Deslauriers <email address hidden> Thu, 22 Apr 2021 09:12:18 -0400
Available diffs
dnsmasq (2.75-1ubuntu0.16.04.8) xenial-security; urgency=medium * SECURITY REGRESSION: issue with multiple queries (LP: #1916462) - backport multiple upstream commits to fix regressions + 04490bf622ac84891aad6f2dd2edf83725decdee + 12af2b171de0d678d98583e2190789e544440e02 + 3f535da79e7a42104543ef5c7b5fa2bed819a78b + 141a26f979b4bc959d8e866a295e24f8cf456920 + 305cb79c5754d5554729b18a2c06fe7ce699687a -- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 08:32:59 -0500
Available diffs
dnsmasq (2.79-1ubuntu0.3) bionic-security; urgency=medium
* SECURITY REGRESSION: issue with multiple queries and issue with retries
(LP: #1916462)
- backport multiple upstream commits to fix regressions
+ 04490bf622ac84891aad6f2dd2edf83725decdee
+ 12af2b171de0d678d98583e2190789e544440e02
+ 3f535da79e7a42104543ef5c7b5fa2bed819a78b
+ 25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
+ 141a26f979b4bc959d8e866a295e24f8cf456920
+ 305cb79c5754d5554729b18a2c06fe7ce699687a
-- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 08:02:05 -0500
Available diffs
dnsmasq (2.80-1.1ubuntu1.3) focal-security; urgency=medium
* SECURITY REGRESSION: issue with multiple queries and issue with retries
(LP: #1916462)
- backport multiple upstream commits to fix regressions
+ 04490bf622ac84891aad6f2dd2edf83725decdee
+ 12af2b171de0d678d98583e2190789e544440e02
+ 3f535da79e7a42104543ef5c7b5fa2bed819a78b
+ 25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
+ 141a26f979b4bc959d8e866a295e24f8cf456920
+ 305cb79c5754d5554729b18a2c06fe7ce699687a
-- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 07:58:11 -0500
Available diffs
dnsmasq (2.82-1ubuntu1.2) groovy-security; urgency=medium
* SECURITY REGRESSION: issue with multiple queries and issue with retries
(LP: #1916462)
- backport multiple upstream commits to fix regressions
+ 04490bf622ac84891aad6f2dd2edf83725decdee
+ 12af2b171de0d678d98583e2190789e544440e02
+ 3f535da79e7a42104543ef5c7b5fa2bed819a78b
+ 25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
+ 141a26f979b4bc959d8e866a295e24f8cf456920
+ 305cb79c5754d5554729b18a2c06fe7ce699687a
-- Marc Deslauriers <email address hidden> Tue, 23 Feb 2021 07:52:53 -0500
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
dnsmasq (2.84-1ubuntu2) hirsute; urgency=medium * No change rebuild with fixed ownership. -- Dimitri John Ledkov <email address hidden> Tue, 16 Feb 2021 15:12:23 +0000
Available diffs
- diff from 2.82-1ubuntu2 to 2.84-1ubuntu2 (14.1 KiB)
- diff from 2.84-1ubuntu1 to 2.84-1ubuntu2 (293 bytes)
| Superseded in hirsute-proposed |
dnsmasq (2.84-1ubuntu1) hirsute; urgency=medium
* Resynchronize on Debian, remaining change
* src/radv.c: avoid leases to be issued forever when not set
LP: #1894619)
Available diffs
- diff from 2.82-1ubuntu2 to 2.84-1ubuntu1 (14.0 KiB)
dnsmasq (2.82-1ubuntu2) hirsute; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:50:21 -0500
Available diffs
- diff from 2.82-1ubuntu1 to 2.82-1ubuntu2 (13.1 KiB)
dnsmasq (2.79-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
- CVE-2019-14834: memory leak via DHCP response creation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:59:59 -0500
Available diffs
- diff from 2.79-1ubuntu0.1 to 2.79-1ubuntu0.2 (925 bytes)
dnsmasq (2.75-1ubuntu0.16.04.7) xenial-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
- CVE-2019-14834: memory leak via DHCP response creation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 12:34:33 -0500
Available diffs
dnsmasq (2.80-1.1ubuntu1.2) focal-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
- CVE-2019-14834: memory leak via DHCP response creation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:59:59 -0500
Available diffs
- diff from 2.80-1.1ubuntu1.1 to 2.80-1.1ubuntu1.2 (930 bytes)
dnsmasq (2.82-1ubuntu1.1) groovy-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- CVE-2020-25681: heap overflow in RRSets sorting
- CVE-2020-25682: buffer overflow in extracting names from DNS packets
- CVE-2020-25683: heap overflow in DNSSEC validation
- CVE-2020-25684: cache poisoning issue via address/port
- CVE-2020-25685: cache poisoning issue via weak hash
- CVE-2020-25686: birthday attack via incorrect existing requests check
- CVE-2020-25687: heap overflow in DNSSEC validation
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2021 09:50:21 -0500
Available diffs
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
dnsmasq (2.82-1ubuntu1) groovy; urgency=medium * src/radv.c: avoid leases to be issued forever when not set (LP: #1894619) -- Christian Ehrhardt <email address hidden> Wed, 16 Sep 2020 14:26:58 +0200
Available diffs
- diff from 2.81-4build1 to 2.82-1ubuntu1 (9.9 KiB)
- diff from 2.82-1 (in Debian) to 2.82-1ubuntu1 (810 bytes)
| Superseded in groovy-proposed |
| Deleted in groovy-proposed (Reason: Reverting to avoid delaying nettle transition) |
dnsmasq (2.82-1) unstable; urgency=low * New upstream. -- Simon Kelley <email address hidden> Fri, 26 Jun 2020 22:22:41 +0000
Available diffs
- diff from 2.81-4build1 (in Ubuntu) to 2.82-1 (10.0 KiB)
| Superseded in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
| Superseded in groovy-proposed |
dnsmasq (2.81-4build1) groovy; urgency=medium * No change rebuild against new libnettle8 and libhogweed6 ABI. -- Dimitri John Ledkov <email address hidden> Mon, 29 Jun 2020 22:23:32 +0100
Available diffs
- diff from 2.82-1 (in Debian) to 2.81-4build1 (10.0 KiB)
- diff from 2.81-4 (in Debian) to 2.81-4build1 (587 bytes)
dnsmasq (2.81-4) unstable; urgency=low * Remove runit support when building for Ubuntu. (closes: #960401) -- Simon Kelley <email address hidden> Fri, 26 Jun 2020 21:52:44 +0000
Available diffs
dnsmasq (2.81-3ubuntu2) groovy; urgency=medium * Additional fix for build without dh_runit. -- Steve Langasek <email address hidden> Thu, 07 May 2020 22:13:42 +0000
Available diffs
- diff from 2.80-1.1ubuntu1 to 2.81-3ubuntu2 (264.6 KiB)
- diff from 2.81-3ubuntu1 to 2.81-3ubuntu2 (890 bytes)
| Superseded in groovy-proposed |
dnsmasq (2.81-3ubuntu1) groovy; urgency=medium
* Drop dh_runit handling, unsupported in Ubuntu and causes a build
failure.
-- Steve Langasek <email address hidden> Thu, 07 May 2020 14:30:53 -0700
Available diffs
- diff from 2.81-3 (in Debian) to 2.81-3ubuntu1 (844 bytes)
dnsmasq (2.81-3) unstable; urgency=low * Fixes to control file for bug 958100 -- Simon Kelley <email address hidden> Sun, 19 Apr 2020 21:44:12 +0000
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
dnsmasq (2.80-1.1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Revert upstream commit 3af747d94bae66a2a1b564b2d04161a78159a434:
"Do unsolicited RAs for interfaces which appear after dnsmasq startup."
- it caused a regression in the network-manager autopkgtests.
- Fix FTBFS in eoan due to glibc 2.30 SIOCGSTAMP changes
- Apply ab73a746a0d6fcac2e682c5548eeb87fb9c9c82e from upstream GIT to fix
build error against nettle 3.5.
Available diffs
dnsmasq (2.80-1ubuntu4) focal; urgency=medium
* Apply ab73a746a0d6fcac2e682c5548eeb87fb9c9c82e from upstream GIT to fix
build error against nettle 3.5. Closes: #940985; thanks to Andreas
Metzler <email address hidden>.
-- Steve Langasek <email address hidden> Mon, 04 Nov 2019 17:28:11 -0800
Available diffs
- diff from 2.80-1ubuntu2 to 2.80-1ubuntu4 (803 bytes)
- diff from 2.80-1ubuntu3 to 2.80-1ubuntu4 (720 bytes)
| Superseded in focal-proposed |
dnsmasq (2.80-1ubuntu3) focal; urgency=medium * No-change rebuild against libnettle7 -- Steve Langasek <email address hidden> Thu, 31 Oct 2019 22:10:11 +0000
Available diffs
- diff from 2.80-1ubuntu2 to 2.80-1ubuntu3 (317 bytes)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to release) |
dnsmasq (2.80-1ubuntu2) eoan; urgency=medium * Fix FTBFS in eoan due to glibc 2.30 SIOCGSTAMP changes (LP: #1843430) -- Christian Ehrhardt <email address hidden> Tue, 10 Sep 2019 15:00:04 +0200
Available diffs
- diff from 2.80-1ubuntu1 to 2.80-1ubuntu2 (526 bytes)
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
dnsmasq (2.80-1ubuntu1) disco; urgency=medium
* Revert upstream commit 3af747d94bae66a2a1b564b2d04161a78159a434:
"Do unsolicited RAs for interfaces which appear after dnsmasq startup."
- it caused a regression in the network-manager autopkgtests.
-- Julian Andres Klode <email address hidden> Tue, 08 Jan 2019 16:34:58 +0100
Available diffs
- diff from 2.80-1 (in Debian) to 2.80-1ubuntu1 (902 bytes)
dnsmasq (2.80-1) unstable; urgency=low * New upstream. (closes: #837602) (closes: #794640) (closes: #794636) * Close old bugs, long agp fixed. (closes: #802845) (closes: #754299) * Provide usr/lib/tmpfiles.d/dnsmasq.conf. (closes: #872396) * Run restorecon on /run/dnsmasq for SE Linux. (closes: #872397) -- Simon Kelley <email address hidden> Mon, 17 Sep 2018 23:11:25 +0000
Available diffs
- diff from 2.79-1 to 2.80-1 (72.7 KiB)
dnsmasq (2.75-1ubuntu0.16.04.5) xenial-security; urgency=medium
* trusty-anchors.conf: Update DNSSEC trust anchors
- 05da782f8f45933915af0ef3cc1ba35e31d20c59
-- Marc Deslauriers <email address hidden> Thu, 12 Jul 2018 09:39:42 -0400
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
dnsmasq (2.79-1) unstable; urgency=low
* New upstream. (closes: #888200)
* Fix trust-anchor regex in init script. (closes: #884347)
* Fix exit code for dhcp_release6 (closes: #833596)
* Add project homepage to control file. (closes: #887764)
* New binary package dnsmasq-base-lua, includes Lua support.
* Remove hardwired shlibs dependency for libnettle 3.3 and
fix code to avoid ABI breakage as long as compiled against
libnettle 3.4 or later. (closes: #891315)
-- Simon Kelley <email address hidden> Fri, 16 Feb 2018 19:54:22 +0000
Available diffs
- diff from 2.78-3 to 2.79-1 (69.1 KiB)
dnsmasq (2.78-3) unstable; urgency=high * Make failure of pidfile chown a warning. (closes: #889857) -- Simon Kelley <email address hidden> Thu, 8 Feb 2018 21:26:30 +0000
Available diffs
- diff from 2.78-1 to 2.78-3 (996 bytes)
- diff from 2.78-2 to 2.78-3 (870 bytes)
dnsmasq (2.78-2) unstable; urgency=high * Change ownership of pid file, to keep systemd happy. (closes: #889336) -- Simon Kelley <email address hidden> Tue, 6 Feb 2018 17:21:30 +0000
dnsmasq (2.59-4ubuntu0.4) precise-security; urgency=medium
* REGRESSION UPDATE: a offset error passed in the last update that cause a
regresion in dnsmasq this update fix this issue.
-- <email address hidden> (Leonidas S. Barbosa) Tue, 02 Jan 2018 21:22:45 -0300
Available diffs
dnsmasq (2.76-5ubuntu0.2) zesty; urgency=medium
* Fix replying prematurely if one of many servers replies REFUSED
(LP: #1726017) by adding an upstream patche.
- 2.77: 68f6312d4b: Stop treating SERVFAIL as a successful response from
upstream servers.
-- Christian Ehrhardt <email address hidden> Mon, 23 Oct 2017 08:48:44 +0200
Available diffs
dnsmasq (2.75-1ubuntu0.16.04.4) xenial; urgency=medium
* Fix replying prematurely if one of many servers replies REFUSED
(LP: #1726017) by adding two upstream patches.
- 2.76: 4ace25c5d6: Treat REFUSED (not SERVFAIL) as an unsuccessful
upstream response
- 2.77: 68f6312d4b: Stop treating SERVFAIL as a successful response from
upstream servers.
-- Christian Ehrhardt <email address hidden> Mon, 23 Oct 2017 08:32:22 +0200
Available diffs
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
dnsmasq (2.78-1) unstable; urgency=high
* New upstream.
Security fixes for CVE-2017-13704 (closes: #877102)
Security fixes for CVE-2017-14491 - CVE-2017-14496 inclusive.
-- Simon Kelley <email address hidden> Sun, 29 Sep 2017 21:34:00 +0000
Available diffs
- diff from 2.77-2 to 2.78-1 (184.4 KiB)
dnsmasq (2.68-1ubuntu0.2) trusty-security; urgency=medium
* SECURITY UPDATE: add fixes to correct multiple security issues
- CVE-2017-14491 DNS heap buffer overflow.
- CVE-2017-14492, DHCPv6 RA heap overflow.
- CVE-2017-14493, DHCPv6 - Stack buffer overflow.
- CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
- CVE-2017-14495, OOM in DNS response creation.
- CVE-2017-14496, Integer underflow in DNS response creation.
-- Marc Deslauriers <email address hidden> Tue, 26 Sep 2017 18:01:37 -0400
Available diffs
dnsmasq (2.75-1ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: add fixes to correct multiple security issues
- CVE-2017-14491 DNS heap buffer overflow.
- CVE-2017-14492, DHCPv6 RA heap overflow.
- CVE-2017-14493, DHCPv6 - Stack buffer overflow.
- CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
- CVE-2017-14495, OOM in DNS response creation.
- CVE-2017-14496, Integer underflow in DNS response creation.
-- Marc Deslauriers <email address hidden> Tue, 26 Sep 2017 17:42:14 -0400
dnsmasq (2.76-5ubuntu0.1) zesty-security; urgency=medium
* SECURITY UPDATE: add fixes to correct multiple security issues
- CVE-2017-14491 DNS heap buffer overflow.
- CVE-2017-14492, DHCPv6 RA heap overflow.
- CVE-2017-14493, DHCPv6 - Stack buffer overflow.
- CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
- CVE-2017-14495, OOM in DNS response creation.
- CVE-2017-14496, Integer underflow in DNS response creation.
-- Marc Deslauriers <email address hidden> Tue, 26 Sep 2017 14:01:49 -0400
Available diffs
dnsmasq (2.77-2) unstable; urgency=low * Improve sed regexp for parsing root.ds. -- Simon Kelley <email address hidden> Mon, 5 Jun 2017 20:46:32 +0000
Available diffs
- diff from 2.77-1 to 2.77-2 (480 bytes)
dnsmasq (2.77-1) unstable; urgency=low
* New upstream.
* Don't register as a resolvconf source when config file
includes port=0 to disable DNS.
* Handle gratuitous format change in /usr/share/dns/root.ds
(closes: #858506) (closes: #860064)
* Add lsb-base dependancy.
-- Simon Kelley <email address hidden> Tue, 11 Apr 2017 14:19:20 +0000
Available diffs
- diff from 2.76-5 to 2.77-1 (85.6 KiB)
dnsmasq (2.76-4ubuntu0.1) yakkety; urgency=medium
* Add two upstream patches to fix binding to an interface being
destroyed and recreated. LP: #1639776.
+ 2675f2061525bc954be14988d64384b74aa7bf8b
+ 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d
-- Nishanth Aravamudan <email address hidden> Tue, 28 Mar 2017 10:36:48 -0700
Available diffs
dnsmasq (2.75-1ubuntu0.16.04.2) xenial; urgency=medium
* Add two upstream patches to fix binding to an interface being
destroyed and recreated. LP: #1639776.
+ 2675f2061525bc954be14988d64384b74aa7bf8b
+ 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d
-- Nishanth Aravamudan <email address hidden> Mon, 27 Mar 2017 17:22:13 -0700
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
dnsmasq (2.76-5) unstable; urgency=medium
* Nail libnettle dependency to avoid ABI incompatibility.
(closes: #846642)
-- Simon Kelley <email address hidden> Sat, 13 Aug 2016 21:43:10 +0000
Available diffs
- diff from 2.76-4.1 to 2.76-5 (357 bytes)
dnsmasq (2.76-4.1) unstable; urgency=medium
* Non-maintainer upload.
* Add two upstream patches to fix binding to an interface being
destroyed and recreated. Closes: #834722.
+ 2675f2061525bc954be14988d64384b74aa7bf8b
+ 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d
-- Vincent Bernat <email address hidden> Sat, 26 Nov 2016 20:15:34 +0100
Available diffs
| 1 → 75 of 160 results | First • Previous • Next • Last |
