pool/dnsmasq
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- update to 2.90:

Browse Source 
* CVE-2023-50387, CVE-2023-50868, bsc#1219823, bsc#1219826:
    Denial Of Service while trying to validate specially crafted
    DNSSEC responses
  * Fix reversion in --rev-server introduced in 2.88 which caused
    breakage if the prefix length is not exactly divisible by 8
    (IPv4) or 4 (IPv6).
  * Fix possible SEGV when there server(s) for a particular domain
    are configured, but no server which is not qualified for a
    particular domain.
  * Set the default maximum DNS UDP packet sice to 1232.
    Obsoletes: dnsmasq-CVE-2023-28450.patch
  * Add --no-dhcpv4-interface and --no-dhcpv6-interface for better
    control over which inetrfaces are providing DHCP service.
  * Fix issue with stale caching
  * Add configurable caching for arbitrary RR-types.
  * Add --filter-rr option, to filter arbitrary RR-types.

OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=165
This commit is contained in:
Reinhard Max 2024-02-14 18:04:45 +00:00 committed by Git OBS Bridge
parent 22e8185410
commit 0cc8ed3dc1
7 changed files with 43 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
dnsmasq-2.89.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

16
dnsmasq-2.89.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE1urL1u5GuDQkjRESFc3aauGRNaIFAmPe36kACgkQFc3aauGR
NaLJZg/+K/gk5uLUH48BCNAVNtffC1jGLIxQ2usJbXvJ02n9WcidN3dX6MlVBYNq
s5ouNuDZdIgydJjFWgIIqxtsVdeYhJ6sd9fSDX+8iT4zDLw0N1puDE5YZvvqHxFD
0gYuIcu4ukr5tsBL5ClWoVtTDGEi8NZ+PaGCZrnPVuZWPAnNrf3MbiUqPaJxCgA6
GNnfqm9LKEL5sPwQlErhf1GLFG7UOPXyjfIQilI6+ShCajDmDjvsPs8Y3JqC66rt
6OEFDKbNVoZQDVA53PswLa1mb5gryB6r7gU5ofwS6jr34BNFfkBGFk6wjhZfZenu
OGU3Adk36l5HykAH5fjDs95bVBLoq+N+gG1Yor4qgUmdgSlLvh8lwArXwweWW2Q5
k/Nkk/MZaIEL+3nqdIMptfGG82rhCuS1jse2DyYcTmJiJdew2Mv+AQAVIm/Km7oa
3HrpxQJ88LLRtWwfKbW9yRipt+JkzrrZun5VftQ85Xn9nELgU5n5rdHUCzXrpu0r
/dFw5JoTfcIsPGQ8a2IIMW6SyWOEkv8EWAq+10mNokpnQMv5RFHmZoGQhx1PmHWy
+mqHh9T2B9KYGHKRjP4apQkX+JSuqmsdLt1sNfzcnwjQQ0nEq0FMub2hNJ8V0S/4
h/QpdO6qLn9RYSx0Be31BTAZNq71ow6HPjV62i4l+xTpYq9q1Ik=
=yXEY
-----END PGP SIGNATURE-----

BIN
dnsmasq-2.90.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
dnsmasq-2.90.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE1urL1u5GuDQkjRESFc3aauGRNaIFAmXLc7MACgkQFc3aauGR
NaKwug/7BIZ9TOBB65sR/rBg0JU/4jBG1WQglmEckSkK7NWagXVbjlVVl0F1AUZo
JBaW6qIvFZ9q7OlOB50gpZNC0wvIYRa8bdvicWjktxW/KFC/NZo5iI6DHH0p6LK2
pymMCGyRkAgVc8Yxv3BDTqw70ld4gA8WamNWQsfS14n0VF/abOv/A0x70XkHPdIc
U9ZZX+1/Zn6s08arzUSEAnuR3+SW6Amq6MJKwCT8eVDNvTG35o0+HWAmyo+EjRmo
PdiIa1fmOcY8V80E5Xs2V11kMZeAZymD/GzCUTwW4Q2T7WW3OsMc9KlH35bAhfvI
iiBDbmYqI6AgLi6rIB1X6CKZ5V3VR93nxbSieaocZ145BAukxFOLuBTqjR1jhZt7
63HfbYv3aViwMX2Ggk0XIh/OvIr6dFAsqiD6n+pYKLOVs1nyhXK1UP+J/9BhvJfx
4Dzx38K1iFilyR35tUiRosiZHgEHiZtJJ2u4B+nVENHpcVPG1cZQ92x7b2UDBfL4
wcZ2U4guxdN4iBE7zzCseJNFL7NZ0U476RWEG9NybAnGGlpDY8m5AuQ5nHT0AjV7
d+Fq0EaKr0rfjDk1bjYf88VRW0Khx4Fz5IsmnGw/p+09xBEhQftK+M42FpIbbscx
uZQ5i7CNkMAsft/lUGYEdLcTi5HuDWBtbXjVMLvzFRPz7W9l0J0=
=iZdM
-----END PGP SIGNATURE-----

2
dnsmasq-groups.patch
View File

@ -1,6 +1,6 @@
--- src/dnsmasq.c.orig --- src/dnsmasq.c.orig
+++ src/dnsmasq.c +++ src/dnsmasq.c
@@ -731,11 +731,10 @@ int main (int argc, char **argv) @@ -728,11 +728,10 @@ int main (int argc, char **argv)
if (!option_bool(OPT_DEBUG) && getuid() == 0) if (!option_bool(OPT_DEBUG) && getuid() == 0)
{ {
int bad_capabilities = 0; int bad_capabilities = 0;

21
dnsmasq.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Wed Feb 14 17:39:46 UTC 2024 - Reinhard Max <max@suse.com>
- update to 2.90:
* CVE-2023-50387, CVE-2023-50868, bsc#1219823, bsc#1219826:
Denial Of Service while trying to validate specially crafted
DNSSEC responses
* Fix reversion in --rev-server introduced in 2.88 which caused
breakage if the prefix length is not exactly divisible by 8
(IPv4) or 4 (IPv6).
* Fix possible SEGV when there server(s) for a particular domain
are configured, but no server which is not qualified for a
particular domain.
* Set the default maximum DNS UDP packet sice to 1232.
Obsoletes: dnsmasq-CVE-2023-28450.patch
* Add --no-dhcpv4-interface and --no-dhcpv6-interface for better
control over which inetrfaces are providing DHCP service.
* Fix issue with stale caching
* Add configurable caching for arbitrary RR-types.
* Add --filter-rr option, to filter arbitrary RR-types.
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Oct 13 08:48:49 UTC 2023 - Thorsten Kukuk <kukuk@suse.com> Fri Oct 13 08:48:49 UTC 2023 - Thorsten Kukuk <kukuk@suse.com>

5
dnsmasq.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package dnsmasq # spec file for package dnsmasq
# #
# Copyright (c) 2023 SUSE LLC # Copyright (c) 2024 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -22,7 +22,7 @@
%bcond_with tftp_user_package %bcond_with tftp_user_package
%endif %endif
Name: dnsmasq Name: dnsmasq
Version: 2.89 Version: 2.90
Release: 0 Release: 0
Summary: DNS Forwarder and DHCP Server Summary: DNS Forwarder and DHCP Server
License: GPL-2.0-only OR GPL-3.0-only License: GPL-2.0-only OR GPL-3.0-only
@ -35,7 +35,6 @@ Source4: dnsmasq.service
Source5: rc.dnsmasq-suse Source5: rc.dnsmasq-suse
Source6: system-user-dnsmasq.conf Source6: system-user-dnsmasq.conf
Patch0: dnsmasq-groups.patch Patch0: dnsmasq-groups.patch
Patch1: dnsmasq-CVE-2023-28450.patch
BuildRequires: dbus-1-devel BuildRequires: dbus-1-devel
BuildRequires: dos2unix BuildRequires: dos2unix
BuildRequires: libidn2-devel BuildRequires: libidn2-devel