36 lines
1.8 KiB
Plaintext
36 lines
1.8 KiB
Plaintext
<patchinfo incident="185">
|
|
<!-- generated from request(s) 357407 -->
|
|
<issue tracker="bnc" id="1214884">Migration from SLE Micro 5.4 -> ALP: file conflict between libslp1 and openslp</issue>
|
|
<issue tracker="bnc" id="1219823">VUL-0: CVE-2023-50387 : unbound, pdns, bind, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
|
|
<issue tracker="bnc" id="1219826">VUL-0: CVE-2023-50868: unbound, bind, pdns, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
|
|
<issue tracker="cve" id="2023-28450"/>
|
|
<issue tracker="cve" id="2023-50387"/>
|
|
<issue tracker="cve" id="2023-50868"/>
|
|
<packager>rmax</packager>
|
|
<rating>important</rating>
|
|
<category>security</category>
|
|
<summary>Security update for dnsmasq</summary>
|
|
<description>This update for dnsmasq fixes the following issues:
|
|
|
|
- Update to 2.90:
|
|
|
|
* CVE-2023-50387, CVE-2023-50868: Fixed a Denial Of Service while trying
|
|
to validate specially crafted DNSSEC responses (bsc#1219823, bsc#1219826).
|
|
* Fix reversion in --rev-server introduced in 2.88 which caused
|
|
breakage if the prefix length is not exactly divisible by 8
|
|
(IPv4) or 4 (IPv6).
|
|
* Fix possible SEGV when there server(s) for a particular domain
|
|
are configured, but no server which is not qualified for a
|
|
particular domain.
|
|
* Set the default maximum DNS UDP packet sice to 1232.
|
|
* Add --no-dhcpv4-interface and --no-dhcpv6-interface for better
|
|
control over which interfaces are providing DHCP service.
|
|
* Fix issue with stale caching
|
|
* Add configurable caching for arbitrary RR-types.
|
|
* Add --filter-rr option, to filter arbitrary RR-types.
|
|
|
|
- SLP got dropped, remove config (bsc#1214884)
|
|
</description>
|
|
<package>dnsmasq</package>
|
|
<seperate_build_arch/>
|
|
</patchinfo> |