[Buildroot] [PATCH v2 1/2] dnsmasq: security bump to version 2.78
Peter Korsgaard
peter at korsgaard.com
Tue Oct 17 09:01:31 UTC 2017
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Supported Lua version is now 5.2.
> Add licenses hash.
> Fixes a number of security issues:
> CVE-2017-13704 - Crash when DNS query exceeded 512 bytes (a regression
> in 2.77, so technically not fixed by this bump)
> CVE-2017-14491 - Heap overflow in DNS code
> CVE-2017-14492 - Heap overflow in IPv6 router advertisement code
> CVE-2017-14493 - Stack overflow in DHCPv6 code
> CVE-2017-14494 - Information leak in DHCPv6
> CVE-2017-14496 - Invalid boundary checks allows a malicious DNS queries
> to trigger DoS
> CVE-2017-14495 - Out-of-memory Dos vulnerability
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
> v2: Bump to 2.78
> Note security fixes in the commit log
Committed to 2017.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list