OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dnsmasq?expand=0&rev=9

2008-07-14 20:47:23 +00:00 · 2008-07-14 20:47:23 +00:00 · 3c009fb508
commit 3c009fb508
parent 6e2e94f8f2
4 changed files with 28 additions and 5 deletions
--- a/dnsmasq-2.42.tar.bz2
+++ b/dnsmasq-2.42.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e3724129df1bb5e6df302f0c96b2594d71ef1841be7156e6891374968790ed6c
-size 285589
--- a/dnsmasq-2.43.tar.bz2
+++ b/dnsmasq-2.43.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7e43b5ebbc37df02348f63391a92b71f3940139a07e44a9662be06806cc47e5a
+size 293896
--- a/dnsmasq.changes
+++ b/dnsmasq.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Mon Jul 14 09:45:15 CEST 2008 - ug@suse.de
+
+- This release fixes the DNS spoofing vulnerabilities announced in
+  CERT VU#800113. It adds source port randomization for communication with
+  upstream nameservers and replaces the C library PRNG with stronger code. It
+  makes failure to drop root privileges a hard error (previous versions would
+  log the error and continue, running as root.) Other changes include an
+  update to avoid triggering Linux kernel messages about an out-of-date
+  capabilities ABI, support for NAPTR records, and RFC 5107
+  server-id-override. 
+- 2.43
+
 -------------------------------------------------------------------
 Thu Jun 19 16:42:54 CEST 2008 - ug@suse.de

--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@ -1,5 +1,5 @@
 #
-# spec file for package dnsmasq (Version 2.42)
+# spec file for package dnsmasq (Version 2.43)
 #
 # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@ -13,7 +13,7 @@

 Name:           dnsmasq
 Summary:        Lightweight, Easy-to-Configure DNS Forwarder and DHCP Server
-Version:        2.42
+Version:        2.43
 Release:        1
 License:        GPL v2 or later
 Group:          Productivity/Networking/DNS/Servers
@ -101,6 +101,16 @@ install -m 644 SuSEFirewall.dnsmasq-dhcp ${RPM_BUILD_ROOT}/%{_sysconfdir}/syscon
 %{_mandir}/es/man8/dnsmasq.8.gz

 %changelog
+* Mon Jul 14 2008 ug@suse.de
+- This release fixes the DNS spoofing vulnerabilities announced in
+  CERT VU#800113. It adds source port randomization for communication with
+  upstream nameservers and replaces the C library PRNG with stronger code. It
+  makes failure to drop root privileges a hard error (previous versions would
+  log the error and continue, running as root.) Other changes include an
+  update to avoid triggering Linux kernel messages about an out-of-date
+  capabilities ABI, support for NAPTR records, and RFC 5107
+  server-id-override.
+- 2.43
 * Thu Jun 19 2008 ug@suse.de
 - running as user dnsmasq now (bnc#401643)
 * Thu Jun 05 2008 ug@suse.de