From 428579c9fbabe3959ec17007dbcd5486e44ba9338466d8c9342603c241a91e1c Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Wed, 3 Aug 2016 14:02:20 +0000 Subject: [PATCH] - Update to 2.76: * Include 0.0.0.0/8 in DNS rebind checks. * Enhance --add-subnet to allow arbitrary subnet addresses. * Respect the --no-resolv flag in inotify code. Fixes bug which caused dnsmasq to fail to start if a resolv-file was a dangling symbolic link, even of --no-resolv set. * Fix crash when an A or AAAA record is defined locally, in a hosts file, and an upstream server sends a reply that the same name is empty (CVE-2015-8899, bsc#983273). * Fix failure to correctly calculate cache-size when reading a hosts-file fails. * Fix wrong answer to simple name query when --domain-needed set, but no upstream servers configured. * Return REFUSED when running out of forwarding table slots, not SERVFAIL. * Add --max-port configuration. * Add --script-arp and two new functions for the dhcp-script. * Extend --add-mac to allow a new encoding of the MAC address as base64, by configurting --add-mac=base64 * Add --add-cpe-id option. * Don't crash with divide-by-zero if an IPv6 dhcp-range is declared as a whole /64. (ie xx::0 to xx::ffff:ffff:ffff:ffff) * Add support for a TTL parameter in --host-record and --cname. * Add --dhcp-ttl option. * Add --tftp-mtu option. * Check return-code of inet_pton() when parsing dhcp-option. * Fix wrong value for EDNS UDP packet size when using --servers-file to define upstream DNS servers. * Add dhcp_release6 to contrib/lease-tools. OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=84 --- dnsmasq-2.75.tar.xz | 3 --- dnsmasq-2.75.tar.xz.asc | 7 ------- dnsmasq-2.76.tar.xz | 3 +++ dnsmasq-2.76.tar.xz.asc | 7 +++++++ dnsmasq.changes | 36 ++++++++++++++++++++++++++++++++++++ dnsmasq.spec | 14 +++++++------- 6 files changed, 53 insertions(+), 17 deletions(-) delete mode 100644 dnsmasq-2.75.tar.xz delete mode 100644 dnsmasq-2.75.tar.xz.asc create mode 100644 dnsmasq-2.76.tar.xz create mode 100644 dnsmasq-2.76.tar.xz.asc diff --git a/dnsmasq-2.75.tar.xz b/dnsmasq-2.75.tar.xz deleted file mode 100644 index 24ddc63..0000000 --- a/dnsmasq-2.75.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:640c4e1d4c298e42458419cd78cfc26acc549401b1a34d271cd3e0e4226941f1 -size 472484 diff --git a/dnsmasq-2.75.tar.xz.asc b/dnsmasq-2.75.tar.xz.asc deleted file mode 100644 index d14730d..0000000 --- a/dnsmasq-2.75.tar.xz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlW6gmQACgkQKPyGmiibgrdp4wCfeQXAMoPPcKGYpGPWZIlKXDCZ -JhEAnRQ2EgSlpQgYwSn6HDPVnG4UY5dQ -=VQqP ------END PGP SIGNATURE----- diff --git a/dnsmasq-2.76.tar.xz b/dnsmasq-2.76.tar.xz new file mode 100644 index 0000000..689001e --- /dev/null +++ b/dnsmasq-2.76.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4b92698dee19ca0cb2a8f2e48f1d2dffd01a21eb15d1fbed4cf085630c8c9f96 +size 480796 diff --git a/dnsmasq-2.76.tar.xz.asc b/dnsmasq-2.76.tar.xz.asc new file mode 100644 index 0000000..00151b5 --- /dev/null +++ b/dnsmasq-2.76.tar.xz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlc8gxEACgkQKPyGmiibgrcEZQCghIcBK2ici5/4klzL7gMQmrar +ZtkAn0evIF/mFDAJsQlWnGTbew3lsxAs +=SVPw +-----END PGP SIGNATURE----- diff --git a/dnsmasq.changes b/dnsmasq.changes index 6b0b4b8..f0c8b76 100644 --- a/dnsmasq.changes +++ b/dnsmasq.changes @@ -1,3 +1,39 @@ +------------------------------------------------------------------- +Wed Aug 3 13:46:06 UTC 2016 - max@suse.com + +- Update to 2.76: + + * Include 0.0.0.0/8 in DNS rebind checks. + * Enhance --add-subnet to allow arbitrary subnet addresses. + * Respect the --no-resolv flag in inotify code. Fixes bug + which caused dnsmasq to fail to start if a resolv-file + was a dangling symbolic link, even of --no-resolv set. + * Fix crash when an A or AAAA record is defined locally, + in a hosts file, and an upstream server sends a reply + that the same name is empty (CVE-2015-8899, bsc#983273). + * Fix failure to correctly calculate cache-size when reading a + hosts-file fails. + * Fix wrong answer to simple name query when --domain-needed + set, but no upstream servers configured. + * Return REFUSED when running out of forwarding table slots, + not SERVFAIL. + * Add --max-port configuration. + * Add --script-arp and two new functions for the dhcp-script. + * Extend --add-mac to allow a new encoding of the MAC address + as base64, by configurting --add-mac=base64 + * Add --add-cpe-id option. + + * Don't crash with divide-by-zero if an IPv6 dhcp-range is + declared as a whole /64. + (ie xx::0 to xx::ffff:ffff:ffff:ffff) + * Add support for a TTL parameter in --host-record and --cname. + * Add --dhcp-ttl option. + * Add --tftp-mtu option. + * Check return-code of inet_pton() when parsing dhcp-option. + * Fix wrong value for EDNS UDP packet size when using + --servers-file to define upstream DNS servers. + * Add dhcp_release6 to contrib/lease-tools. + ------------------------------------------------------------------- Thu Jun 16 12:39:18 UTC 2016 - max@suse.com diff --git a/dnsmasq.spec b/dnsmasq.spec index 43ca2c1..4c75798 100644 --- a/dnsmasq.spec +++ b/dnsmasq.spec @@ -20,7 +20,7 @@ Name: dnsmasq Summary: Lightweight, Easy-to-Configure DNS Forwarder and DHCP Server License: GPL-2.0 or GPL-3.0 Group: Productivity/Networking/DNS/Servers -Version: 2.75 +Version: 2.76 Release: 0 Provides: dns_daemon PreReq: /usr/sbin/useradd /bin/mkdir @@ -99,7 +99,7 @@ export LDFLAGS="-Wl,-z,relro,-z,now -pie" # same flags for make and make install, else everything gets recompiled %define _copts "-DHAVE_DBUS -DHAVE_CONNTRACK -DHAVE_IDN -DHAVE_DNSSEC" make %{?_smp_mflags} AWK=gawk all-i18n CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS" COPTS=%{_copts} -make -C contrib/wrt %{?_smp_mflags} +make -C contrib/lease-tools %{?_smp_mflags} %pre if ! /usr/bin/getent group tftp >/dev/null; then @@ -142,11 +142,11 @@ install -m 644 trust-anchors.conf ${RPM_BUILD_ROOT}/%{_sysconfdir}/dnsmasq.d/tru # utils subpackage mkdir -p $RPM_BUILD_ROOT%{_bindir} $RPM_BUILD_ROOT%{_mandir}/man1 -install -m 755 contrib/wrt/dhcp_release ${RPM_BUILD_ROOT}%{_bindir}/dhcp_release -install -m 644 contrib/wrt/dhcp_release.1 ${RPM_BUILD_ROOT}%{_mandir}/man1/dhcp_release.1 -install -m 755 contrib/wrt/dhcp_lease_time ${RPM_BUILD_ROOT}%{_bindir}/dhcp_lease_time -install -m 644 contrib/wrt/dhcp_lease_time.1 ${RPM_BUILD_ROOT}%{_mandir}/man1/dhcp_lease_time.1 -rm contrib/wrt/{dhcp_release,dhcp_lease_time} +install -m 755 contrib/lease-tools/dhcp_release ${RPM_BUILD_ROOT}%{_bindir}/dhcp_release +install -m 644 contrib/lease-tools/dhcp_release.1 ${RPM_BUILD_ROOT}%{_mandir}/man1/dhcp_release.1 +install -m 755 contrib/lease-tools/dhcp_lease_time ${RPM_BUILD_ROOT}%{_bindir}/dhcp_lease_time +install -m 644 contrib/lease-tools/dhcp_lease_time.1 ${RPM_BUILD_ROOT}%{_mandir}/man1/dhcp_lease_time.1 +rm contrib/lease-tools/{dhcp_release,dhcp_lease_time} rm -rf contrib/Suse rm -rf contrib/Solaris10 rm -rf contrib/dnsmasq_MacOSX-pre10.4