[Buildroot] [PATCH] dnsmasq: add upstream security fix patches

Thomas Petazzoni thomas.petazzoni at bootlin.com
Thu Feb 8 22:05:00 UTC 2018


Hello,

On Thu,  8 Feb 2018 21:16:35 +0200, Baruch Siach wrote:
> Fixes CVE-2017-15107: An attacker can craft an NSEC which wrongly proves
> non-existence.
> 
> Cc: Matt Weber <matthew.weber at rockwellcollins.com>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
>  ...for-wildcard-NSEC-records.-CVE-2017-15107.patch | 212 +++++++++++++++++++++
>  ...validation-errors-introduced-in-4fe6744a2.patch |  29 +++
>  2 files changed, 241 insertions(+)
>  create mode 100644 package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch
>  create mode 100644 package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com


More information about the buildroot mailing list