diff --git a/dnsmasq-2.89.tar.xz b/dnsmasq-2.89.tar.xz deleted file mode 100644 index 0ce2ae2..0000000 --- a/dnsmasq-2.89.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:02bd230346cf0b9d5909f5e151df168b2707103785eb616b56685855adebb609 -size 562700 diff --git a/dnsmasq-2.89.tar.xz.asc b/dnsmasq-2.89.tar.xz.asc deleted file mode 100644 index 58ae11e..0000000 --- a/dnsmasq-2.89.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEE1urL1u5GuDQkjRESFc3aauGRNaIFAmPe36kACgkQFc3aauGR -NaLJZg/+K/gk5uLUH48BCNAVNtffC1jGLIxQ2usJbXvJ02n9WcidN3dX6MlVBYNq -s5ouNuDZdIgydJjFWgIIqxtsVdeYhJ6sd9fSDX+8iT4zDLw0N1puDE5YZvvqHxFD -0gYuIcu4ukr5tsBL5ClWoVtTDGEi8NZ+PaGCZrnPVuZWPAnNrf3MbiUqPaJxCgA6 -GNnfqm9LKEL5sPwQlErhf1GLFG7UOPXyjfIQilI6+ShCajDmDjvsPs8Y3JqC66rt -6OEFDKbNVoZQDVA53PswLa1mb5gryB6r7gU5ofwS6jr34BNFfkBGFk6wjhZfZenu -OGU3Adk36l5HykAH5fjDs95bVBLoq+N+gG1Yor4qgUmdgSlLvh8lwArXwweWW2Q5 -k/Nkk/MZaIEL+3nqdIMptfGG82rhCuS1jse2DyYcTmJiJdew2Mv+AQAVIm/Km7oa -3HrpxQJ88LLRtWwfKbW9yRipt+JkzrrZun5VftQ85Xn9nELgU5n5rdHUCzXrpu0r -/dFw5JoTfcIsPGQ8a2IIMW6SyWOEkv8EWAq+10mNokpnQMv5RFHmZoGQhx1PmHWy -+mqHh9T2B9KYGHKRjP4apQkX+JSuqmsdLt1sNfzcnwjQQ0nEq0FMub2hNJ8V0S/4 -h/QpdO6qLn9RYSx0Be31BTAZNq71ow6HPjV62i4l+xTpYq9q1Ik= -=yXEY ------END PGP SIGNATURE----- diff --git a/dnsmasq-2.90.tar.xz b/dnsmasq-2.90.tar.xz new file mode 100644 index 0000000..d5a7820 --- /dev/null +++ b/dnsmasq-2.90.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8e50309bd837bfec9649a812e066c09b6988b73d749b7d293c06c57d46a109e4 +size 570672 diff --git a/dnsmasq-2.90.tar.xz.asc b/dnsmasq-2.90.tar.xz.asc new file mode 100644 index 0000000..583aaa0 --- /dev/null +++ b/dnsmasq-2.90.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEE1urL1u5GuDQkjRESFc3aauGRNaIFAmXLc7MACgkQFc3aauGR +NaKwug/7BIZ9TOBB65sR/rBg0JU/4jBG1WQglmEckSkK7NWagXVbjlVVl0F1AUZo +JBaW6qIvFZ9q7OlOB50gpZNC0wvIYRa8bdvicWjktxW/KFC/NZo5iI6DHH0p6LK2 +pymMCGyRkAgVc8Yxv3BDTqw70ld4gA8WamNWQsfS14n0VF/abOv/A0x70XkHPdIc +U9ZZX+1/Zn6s08arzUSEAnuR3+SW6Amq6MJKwCT8eVDNvTG35o0+HWAmyo+EjRmo +PdiIa1fmOcY8V80E5Xs2V11kMZeAZymD/GzCUTwW4Q2T7WW3OsMc9KlH35bAhfvI +iiBDbmYqI6AgLi6rIB1X6CKZ5V3VR93nxbSieaocZ145BAukxFOLuBTqjR1jhZt7 +63HfbYv3aViwMX2Ggk0XIh/OvIr6dFAsqiD6n+pYKLOVs1nyhXK1UP+J/9BhvJfx +4Dzx38K1iFilyR35tUiRosiZHgEHiZtJJ2u4B+nVENHpcVPG1cZQ92x7b2UDBfL4 +wcZ2U4guxdN4iBE7zzCseJNFL7NZ0U476RWEG9NybAnGGlpDY8m5AuQ5nHT0AjV7 +d+Fq0EaKr0rfjDk1bjYf88VRW0Khx4Fz5IsmnGw/p+09xBEhQftK+M42FpIbbscx +uZQ5i7CNkMAsft/lUGYEdLcTi5HuDWBtbXjVMLvzFRPz7W9l0J0= +=iZdM +-----END PGP SIGNATURE----- diff --git a/dnsmasq-groups.patch b/dnsmasq-groups.patch index 803c50f..85fdc3b 100644 --- a/dnsmasq-groups.patch +++ b/dnsmasq-groups.patch @@ -1,6 +1,6 @@ --- src/dnsmasq.c.orig +++ src/dnsmasq.c -@@ -731,11 +731,10 @@ int main (int argc, char **argv) +@@ -728,11 +728,10 @@ int main (int argc, char **argv) if (!option_bool(OPT_DEBUG) && getuid() == 0) { int bad_capabilities = 0; diff --git a/dnsmasq.changes b/dnsmasq.changes index 50d6f0e..a14468b 100644 --- a/dnsmasq.changes +++ b/dnsmasq.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Wed Feb 14 17:39:46 UTC 2024 - Reinhard Max + +- update to 2.90: + * CVE-2023-50387, CVE-2023-50868, bsc#1219823, bsc#1219826: + Denial Of Service while trying to validate specially crafted + DNSSEC responses + * Fix reversion in --rev-server introduced in 2.88 which caused + breakage if the prefix length is not exactly divisible by 8 + (IPv4) or 4 (IPv6). + * Fix possible SEGV when there server(s) for a particular domain + are configured, but no server which is not qualified for a + particular domain. + * Set the default maximum DNS UDP packet sice to 1232. + Obsoletes: dnsmasq-CVE-2023-28450.patch + * Add --no-dhcpv4-interface and --no-dhcpv6-interface for better + control over which inetrfaces are providing DHCP service. + * Fix issue with stale caching + * Add configurable caching for arbitrary RR-types. + * Add --filter-rr option, to filter arbitrary RR-types. + ------------------------------------------------------------------- Fri Oct 13 08:48:49 UTC 2023 - Thorsten Kukuk diff --git a/dnsmasq.spec b/dnsmasq.spec index fc23acf..aa394d2 100644 --- a/dnsmasq.spec +++ b/dnsmasq.spec @@ -1,7 +1,7 @@ # # spec file for package dnsmasq # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ %bcond_with tftp_user_package %endif Name: dnsmasq -Version: 2.89 +Version: 2.90 Release: 0 Summary: DNS Forwarder and DHCP Server License: GPL-2.0-only OR GPL-3.0-only @@ -35,7 +35,6 @@ Source4: dnsmasq.service Source5: rc.dnsmasq-suse Source6: system-user-dnsmasq.conf Patch0: dnsmasq-groups.patch -Patch1: dnsmasq-CVE-2023-28450.patch BuildRequires: dbus-1-devel BuildRequires: dos2unix BuildRequires: libidn2-devel