pool/dnsmasq
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 0d70fe8edc Accepting request 1237778 from network factory Ana Guerrero 2025-01-15 16:42:15 +00:00
  • 3b68f5bafa OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=177 devel Reinhard Max 2025-01-14 12:58:37 +00:00
  • 88213ed71a OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=176 Reinhard Max 2025-01-14 12:56:55 +00:00
  • c90cde3178 - Disable --nftset for SLE-15-SP3 and older. - bsc#1235517: Reintroduce nogroup for SLE-15-SP3 and older. Reinhard Max 2025-01-14 11:39:29 +00:00
  • d239adfb9a OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=174 Reinhard Max 2025-01-14 10:29:33 +00:00
  • 37aea2c2d5 - Make sure compile time options don't change without notice. Reinhard Max 2025-01-14 09:54:41 +00:00
  • 5888b04e82 - Use pkgconfig for libidn2. Reinhard Max 2025-01-14 09:03:21 +00:00
  • 87ab4a7f5d Accepting request 1225486 from network Ana Guerrero 2024-11-22 22:50:42 +00:00
  • 79b795000d - Enable --nftset support Marcus Meissner 2024-11-21 08:50:32 +00:00
  • a8259ced12 Accepting request 1179330 from network Ana Guerrero 2024-06-09 18:20:06 +00:00
  • 7fce638a33 * CVE-2023-49441, bsc#1226091: integer overflow via forward_query Reinhard Max 2024-06-07 14:30:52 +00:00
  • 2f79db001b Accepting request 1148852 from network Ana Guerrero 2024-02-23 15:40:30 +00:00
  • 72f6426e30 OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=166 Reinhard Max 2024-02-16 12:46:35 +00:00
  • 0cc8ed3dc1 - update to 2.90: * CVE-2023-50387, CVE-2023-50868, bsc#1219823, bsc#1219826: Denial Of Service while trying to validate specially crafted DNSSEC responses * Fix reversion in --rev-server introduced in 2.88 which caused breakage if the prefix length is not exactly divisible by 8 (IPv4) or 4 (IPv6). * Fix possible SEGV when there server(s) for a particular domain are configured, but no server which is not qualified for a particular domain. * Set the default maximum DNS UDP packet sice to 1232. Obsoletes: dnsmasq-CVE-2023-28450.patch * Add --no-dhcpv4-interface and --no-dhcpv6-interface for better control over which inetrfaces are providing DHCP service. * Fix issue with stale caching * Add configurable caching for arbitrary RR-types. * Add --filter-rr option, to filter arbitrary RR-types. Reinhard Max 2024-02-14 18:04:45 +00:00
  • ee7ad3ae48 Accepting request 1126658 from network Ana Guerrero 2023-11-16 19:27:12 +00:00
  • 22e8185410 Accepting request 1117613 from home:kukuk:branches:network Reinhard Max 2023-11-15 14:20:46 +00:00
  • a543d4ad0b Accepting request 1087210 from network Dominique Leuenberger 2023-05-16 12:15:54 +00:00
  • 4d358c4945 Accepting request 1087003 from home:gmbr3:Active Reinhard Max 2023-05-15 11:30:28 +00:00
  • cb7f45821c Accepting request 1082695 from network Dominique Leuenberger 2023-04-26 15:24:15 +00:00
  • 5812a696e5 - bsc#1209358, CVE-2023-28450, dnsmasq-CVE-2023-28450.patch: default maximum EDNS.0 UDP packet size should be 1232 Reinhard Max 2023-04-25 08:33:07 +00:00
  • ee1ce84cab Accepting request 1066370 from network Dominique Leuenberger 2023-02-17 15:43:57 +00:00
  • 34ee2bc9ad it down. (boo#1207174) Reinhard Max 2023-02-17 11:54:59 +00:00
  • ae43cc1797 Accepting request 1063496 from network Dominique Leuenberger 2023-02-07 17:48:19 +00:00
  • 632e70dcde Accepting request 1063373 from home:polslinux:branches:network Reinhard Max 2023-02-06 17:47:21 +00:00
  • 92c6477b69 Accepting request 1045478 from network Dominique Leuenberger 2022-12-28 09:54:27 +00:00
  • ee2f248c1a Accepting request 1044373 from home:dirkmueller:Factory Reinhard Max 2022-12-27 10:20:23 +00:00
  • 70d707bb81 Accepting request 1034136 from network Dominique Leuenberger 2022-11-08 09:53:18 +00:00
  • 33d1dd7eac Accepting request 1031298 from home:dirkmueller:Factory Reinhard Max 2022-11-07 10:18:14 +00:00
  • a38c20861b Accepting request 1004570 from network Dominique Leuenberger 2022-09-20 17:23:03 +00:00
  • 0e41fdbd5f Accepting request 1002291 from home:gmbr3:Active Marcus Meissner 2022-09-19 06:55:22 +00:00
  • 23ec442c57 Accepting request 982371 from network Dominique Leuenberger 2022-07-08 12:01:29 +00:00
  • 37bc9b79aa Accepting request 981335 from home:gmbr3:Active Marcus Meissner 2022-06-13 08:25:42 +00:00
  • 83a5bd8676 Accepting request 969348 from network Dominique Leuenberger 2022-04-14 15:23:28 +00:00
  • e3d0db2cf5 - bsc#1197872, CVE-2022-0934, dnsmasq-CVE-2022-0934.patch: Heap use after free in dhcp6_no_relay Reinhard Max 2022-04-05 07:17:25 +00:00
  • 672de53781 Accepting request 933804 from network Dominique Leuenberger 2021-11-26 23:50:56 +00:00
  • c151cb5315 Accepting request 932271 from network Dominique Leuenberger 2021-11-20 21:47:53 +00:00
  • e863251880 OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=144 Reinhard Max 2021-11-18 15:52:28 +00:00
  • c177936b94 - bsc#1192529, dnsmasq-resolv-conf.patch: Fix a segfault when re-reading an empty resolv.conf - Remove "nogroup" membership from the dnsmasq user. Reinhard Max 2021-11-18 14:11:14 +00:00
  • d5b765a964 Accepting request 928184 from home:gmbr3:Active Reinhard Max 2021-11-18 13:53:24 +00:00
  • 25af15f8e3 Accepting request 921143 from network Dominique Leuenberger 2021-09-26 19:48:37 +00:00
  • f4508ec1d0 OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=141 Reinhard Max 2021-09-23 12:06:42 +00:00
  • 029f71cf1d OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=140 Reinhard Max 2021-09-23 12:02:11 +00:00
  • 0c6831c53a OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=139 Reinhard Max 2021-09-23 09:22:08 +00:00
  • bcf4390ff2 - SLE bugs that got fixed upstream between 2.79 and 2.86, but for which we need to keep references when syncing Factory to SLE: * bsc#1176076: dnsmasq-servfail.patch * bsc#1156543: dnsmasq-siocgstamp.patch * bsc#1138743: dnsmasq-cache-size.patch * bsc#1076958: CVE-2017-15107, dnsmasq-CVE-2017-15107.patch Reinhard Max 2021-09-23 08:59:05 +00:00
  • 049fbc620b - Update to 2.86: * Handle DHCPREBIND requests in the DHCPv6 server code. * Fix bug which caused dnsmasq to lose track of processes forked to handle TCP DNS connections under heavy load. * Major rewrite of the DNS server and domain handling code. This should be largely transparent, but it drastically improves performance and reduces memory foot-print when configuring large numbers of domains. * Revise resource handling for number of concurrent DNS queries. * Improve efficiency of DNSSEC. * Connection track mark based DNS query filtering. * Allow smaller than 64 prefix lengths in synth-domain, with caveats. --synth-domain=1234:4567::/56,example.com is now valid. * Make domains generated by --synth-domain appear in replies when in authoritative mode. * Ensure CAP_NET_ADMIN capability is available when conntrack is configured. * When --dhcp-hostsfile --dhcp-optsfile and --addn-hosts are given a directory as argument, define the order in which files within that directory are read (alphabetical order of filename). - Added hardening to systemd service(s) (bsc#1181400). Reinhard Max 2021-09-17 11:27:06 +00:00
  • dc54688f33 Accepting request 918936 from home:jsegitz:branches:systemdhardening:network Reinhard Max 2021-09-17 09:40:15 +00:00
  • 36392b1f56 Accepting request 904175 from network Dominique Leuenberger 2021-07-07 16:29:47 +00:00
  • 253903d350 Accepting request 899810 from home:gmbr3:Active Reinhard Max 2021-07-05 13:31:21 +00:00
  • 05adc3fbcf Accepting request 896893 from home:gmbr3:Active Reinhard Max 2021-06-07 10:59:49 +00:00
  • 42d55dff3c Accepting request 888631 from network Dominique Leuenberger 2021-04-28 23:36:38 +00:00
  • 755bed9cef - Update to 2.85: * Fix problem with DNS retries in 2.83/2.84. * Tweak sort order of tags in get-version. * Avoid treating a --dhcp-host which has an IPv6 address as eligible for use with DHCPv4 on the grounds that it has no address, and vice-versa. * Add --dynamic-host option: A and AAAA records which take their network part from the network of a local interface. Useful for routers with dynamically prefixes. * Teach --bogus-nxdomain and --ignore-address to take an IPv4 subnet. * CVE-2021-3448, bsc#1183709: Use random source ports where possible if source addresses/interfaces in use. * Change the method of allocation of random source ports for DNS. * Scale the size of the DNS random-port pool based on the value of the --dns-forward-max configuration. * Tweak TFTP code to check sender of all received packets, as specified in RFC 1350 para 4. Reinhard Max 2021-04-19 21:50:31 +00:00
  • 822e2ef139 Fix URLs. Reinhard Max 2021-04-19 20:45:47 +00:00
  • 6b64faead0 Accepting request 870366 from home:dirkmueller:branches:network Reinhard Max 2021-02-09 07:35:03 +00:00
  • 119b64113a Accepting request 867893 from network Dominique Leuenberger 2021-02-04 19:23:46 +00:00
  • 5761a19f0e Accepting request 867249 from home:gmbr3:Lua Marcus Meissner 2021-01-30 08:06:09 +00:00
  • e7d4817578 Accepting request 864301 from network Dominique Leuenberger 2021-01-20 17:23:34 +00:00
  • f38fa3d41b - Update to 2.83: * bsc#1177077: Fixed DNSpooq vulnerabilities * Use the values of --min-port and --max-port in outgoing TCP connections to upstream DNS servers. * Fix a remote buffer overflow problem in the DNSSEC code. Any dnsmasq with DNSSEC compiled in and enabled is vulnerable to this, referenced by CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 CVE-2020-25687. * Be sure to only accept UDP DNS query replies at the address from which the query was originated. This keeps as much entropy in the {query-ID, random-port} tuple as possible, to help defeat cache poisoning attacks. Refer: CVE-2020-25684. * Use the SHA-256 hash function to verify that DNS answers received are for the questions originally asked. This replaces the slightly insecure SHA-1 (when compiled with DNSSEC) or the very insecure CRC32 (otherwise). Refer: CVE-2020-25685 * Handle multiple identical near simultaneous DNS queries better. Previously, such queries would all be forwarded independently. This is, in theory, inefficent but in practise not a problem, _except_ that is means that an answer for any of the forwarded queries will be accepted and cached. An attacker can send a query multiple times, and for each repeat, another {port, ID} becomes capable of accepting the answer he is sending in the blind, to random IDs and ports. The chance of a succesful attack is therefore multiplied by the number of repeats of the query. The new behaviour detects repeated queries and merely stores the clients sending repeats so that when the first query completes, the answer can be sent to all the clients who asked. Refer: CVE-2020-25686. Reinhard Max 2021-01-19 12:32:14 +00:00
  • de12c31418 Accepting request 823748 from network Dominique Leuenberger 2020-08-03 12:13:03 +00:00
  • be2d2498af Accepting request 823079 from home:mrey:branches:network Reinhard Max 2020-07-31 14:11:53 +00:00
  • f2c36e7dad Accepting request 807964 from network Dominique Leuenberger 2020-06-04 15:49:02 +00:00
  • 067293717f Accepting request 800348 from home:polslinux:branches:network Dirk Mueller 2020-05-21 11:02:08 +00:00
  • 558e4ff507 Accepting request 752812 from network Dominique Leuenberger 2019-12-07 14:11:48 +00:00
  • 717dcedc03 Accepting request 752568 from home:dimstar:Factory Tomáš Chvátal 2019-12-02 07:41:02 +00:00
  • bd280d0c79 Accepting request 748378 from network Dominique Leuenberger 2019-11-20 12:42:47 +00:00
  • 6ce28c3b4b OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=118 Reinhard Max 2019-11-13 14:29:51 +00:00
  • 0ed13f31d4 OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=117 Reinhard Max 2019-11-13 14:15:14 +00:00
  • 5fa347475a OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=116 Reinhard Max 2019-11-13 11:21:17 +00:00
  • d4db467b75 Accepting request 728482 from network Dominique Leuenberger 2019-09-11 08:21:32 +00:00
  • ccc8eeefa0 Accepting request 728337 from home:StefanBruens:branches:openSUSE:Factory Dirk Mueller 2019-09-05 11:34:19 +00:00
  • 519adea1a1 Accepting request 718597 from network Dominique Leuenberger 2019-07-31 12:14:17 +00:00
  • 3edd2e1ad9 Accepting request 717919 from home:mgerstner:branches:network Dirk Mueller 2019-07-25 17:07:06 +00:00
  • e6a98bbf25 Accepting request 714386 from network Dominique Leuenberger 2019-07-22 10:17:32 +00:00
  • 9c019eebb6 Accepting request 714370 from home:jirislaby:branches:network Tomáš Chvátal 2019-07-10 07:24:12 +00:00
  • 31f9b22cb9 Accepting request 709322 from network Dominique Leuenberger 2019-06-26 14:00:08 +00:00
  • 8f7f833592 Accepting request 709153 from home:dimstar:Factory Tomáš Chvátal 2019-06-12 06:05:10 +00:00
  • 5775d74cdf Accepting request 678217 from network Stephan Kulow 2019-02-28 20:24:22 +00:00
  • deb329e226 Accepting request 678164 from home:fbui:branches:network Tomáš Chvátal 2019-02-22 10:44:04 +00:00
  • ce51e100ef Accepting request 668717 from network Dominique Leuenberger 2019-01-26 21:21:24 +00:00
  • 500c355c40 Accepting request 668710 from home:eeich:branches:network James McDonough 2019-01-25 17:29:11 +00:00
  • 943aafc77b Accepting request 668197 from home:elvigia:branches:network Tomáš Chvátal 2019-01-24 08:33:18 +00:00
  • c4175dad92 Accepting request 643674 from network Dominique Leuenberger 2018-11-06 12:52:36 +00:00
  • c95068e949 Accepting request 643663 from home:jengelh:branches:network Reinhard Max 2018-10-22 09:28:32 +00:00
  • 780a2eb11d Accepting request 643595 from home:seanlew:branches:network Ismail Dönmez 2018-10-22 08:10:05 +00:00
  • 91a1f07afb Accepting request 643221 from home:mslacken:prov Ismail Dönmez 2018-10-19 18:44:49 +00:00
  • 6b772c2010 Accepting request 632188 from network Dominique Leuenberger 2018-09-04 20:47:01 +00:00
  • 0c17079da6 - add missing prereq on the group to be created (bsc#1106446) Dirk Mueller 2018-08-29 16:22:36 +00:00
  • 5bc16c7af7 Accepting request 623240 from network Dominique Leuenberger 2018-07-25 14:05:09 +00:00
  • 59367376ec Accepting request 623070 from home:kukuk:branches:network Dirk Mueller 2018-07-17 08:06:47 +00:00
  • 8b67c39744 Accepting request 548087 from network Dominique Leuenberger 2017-12-08 20:47:30 +00:00
  • b5b76cd9b1 - Update keyring Ismail Dönmez 2017-12-04 13:39:44 +00:00
  • 7a3d7e2c7b Accepting request 547138 from home:cbosdonnat:branches:network Ismail Dönmez 2017-12-01 15:00:21 +00:00
  • 9141fa3579 Accepting request 525886 from network Dominique Leuenberger 2017-10-05 09:53:17 +00:00
  • 09eac739de - Security update to version 2.78: * bsc#1060354, CVE-2017-14491: 2 byte heap based overflow. * bsc#1060355, CVE-2017-14492: heap based overflow. * bsc#1060360, CVE-2017-14493: stack based overflow. * bsc#1060361, CVE-2017-14494: DHCP - info leak. * bsc#1060362, CVE-2017-14495: DNS - OOM DoS. * bsc#1060364, CVE-2017-14496: DNS - DoS Integer underflow. * Fix DHCP relaying, broken in 2.76 and 2.77. * For other changes, see http://www.thekelleys.org.uk/dnsmasq/CHANGELOG - Obsoleted patches: * Fix-crash-introduced-in-2675f2061525bc954be14988d643.patch * Handle-binding-upstream-servers-to-an-interface.patch Reinhard Max 2017-10-02 14:34:17 +00:00
  • 1c4b4aee27 Accepting request 523600 from home:scarabeus_iv:branches:network Ismail Dönmez 2017-09-13 14:15:31 +00:00
  • d7b45ae928 - reload system dbus to pick up policy change on install (bsc#1054429) Dirk Mueller 2017-08-18 11:16:45 +00:00
  • a9a380275e Accepting request 449478 from network Dominique Leuenberger 2017-01-11 11:01:12 +00:00
  • 13ce29f32b Accepting request 449467 from home:mwilck:branches:network Ismail Dönmez 2017-01-10 08:52:59 +00:00
  • b07b199c9f Accepting request 416775 from network Dominique Leuenberger 2016-08-06 18:35:45 +00:00
  • 428579c9fb - Update to 2.76: * Include 0.0.0.0/8 in DNS rebind checks. * Enhance --add-subnet to allow arbitrary subnet addresses. * Respect the --no-resolv flag in inotify code. Fixes bug which caused dnsmasq to fail to start if a resolv-file was a dangling symbolic link, even of --no-resolv set. * Fix crash when an A or AAAA record is defined locally, in a hosts file, and an upstream server sends a reply that the same name is empty (CVE-2015-8899, bsc#983273). * Fix failure to correctly calculate cache-size when reading a hosts-file fails. * Fix wrong answer to simple name query when --domain-needed set, but no upstream servers configured. * Return REFUSED when running out of forwarding table slots, not SERVFAIL. * Add --max-port configuration. * Add --script-arp and two new functions for the dhcp-script. * Extend --add-mac to allow a new encoding of the MAC address as base64, by configurting --add-mac=base64 * Add --add-cpe-id option. * Don't crash with divide-by-zero if an IPv6 dhcp-range is declared as a whole /64. (ie xx::0 to xx::ffff:ffff:ffff:ffff) * Add support for a TTL parameter in --host-record and --cname. * Add --dhcp-ttl option. * Add --tftp-mtu option. * Check return-code of inet_pton() when parsing dhcp-option. * Fix wrong value for EDNS UDP packet size when using --servers-file to define upstream DNS servers. * Add dhcp_release6 to contrib/lease-tools. Reinhard Max 2016-08-03 14:02:20 +00:00
  • 066af89b75 Accepting request 404054 from network Dominique Leuenberger 2016-06-29 13:04:14 +00:00