USN-6034-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-6034-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6034-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-6034-1

Related

Published

2023-04-20T12:57:33.700746Z

Modified

2023-04-20T12:57:33.700746Z

Summary

dnsmasq vulnerability

Details

It was discovered that Dnsmasq was sending large DNS messages over UDP, possibly causing transmission failures due to IP fragmentation. This update lowers the default maximum size of DNS messages to improve transmission reliability over UDP.

References

Affected packages

Ubuntu:Pro:14.04:LTS / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.68-1ubuntu0.2+esm2

Affected versions

2.*

2.66-4ubuntu1

2.67-1

2.68-1

2.68-1ubuntu0.1

2.68-1ubuntu0.2

2.68-1ubuntu0.2+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.68-1ubuntu0.2+esm2",
            "binary_name": "dnsmasq"
        },
        {
            "binary_version": "2.68-1ubuntu0.2+esm2",
            "binary_name": "dnsmasq-base"
        },
        {
            "binary_version": "2.68-1ubuntu0.2+esm2",
            "binary_name": "dnsmasq-utils"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.79-1ubuntu0.16.04.1+esm2

Affected versions

2.*

2.75-1

2.75-1ubuntu0.16.04.1

2.75-1ubuntu0.16.04.2

2.75-1ubuntu0.16.04.3

2.75-1ubuntu0.16.04.4

2.75-1ubuntu0.16.04.5

2.75-1ubuntu0.16.04.7

2.75-1ubuntu0.16.04.8

2.75-1ubuntu0.16.04.10

2.75-1ubuntu0.16.04.10+esm1

2.79-1ubuntu0.16.04.1+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.79-1ubuntu0.16.04.1+esm2",
            "binary_name": "dnsmasq"
        },
        {
            "binary_version": "2.79-1ubuntu0.16.04.1+esm2",
            "binary_name": "dnsmasq-base"
        },
        {
            "binary_version": "2.79-1ubuntu0.16.04.1+esm2",
            "binary_name": "dnsmasq-base-lua"
        },
        {
            "binary_version": "2.79-1ubuntu0.16.04.1+esm2",
            "binary_name": "dnsmasq-utils"
        }
    ]
}

Ubuntu:18.04:LTS / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.79-1ubuntu0.7

Affected versions

2.*

2.78-1

2.78-3

2.79-1

2.79-1ubuntu0.2

2.79-1ubuntu0.3

2.79-1ubuntu0.4

2.79-1ubuntu0.5

2.79-1ubuntu0.6

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.79-1ubuntu0.7",
            "binary_name": "dnsmasq"
        },
        {
            "binary_version": "2.79-1ubuntu0.7",
            "binary_name": "dnsmasq-base"
        },
        {
            "binary_version": "2.79-1ubuntu0.7",
            "binary_name": "dnsmasq-base-lua"
        },
        {
            "binary_version": "2.79-1ubuntu0.7",
            "binary_name": "dnsmasq-utils"
        }
    ]
}

Ubuntu:20.04:LTS / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.80-1.1ubuntu1.7

Affected versions

2.*

2.80-1ubuntu2

2.80-1ubuntu4

2.80-1.1ubuntu1

2.80-1.1ubuntu1.2

2.80-1.1ubuntu1.3

2.80-1.1ubuntu1.4

2.80-1.1ubuntu1.5

2.80-1.1ubuntu1.6

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.80-1.1ubuntu1.7",
            "binary_name": "dnsmasq"
        },
        {
            "binary_version": "2.80-1.1ubuntu1.7",
            "binary_name": "dnsmasq-base"
        },
        {
            "binary_version": "2.80-1.1ubuntu1.7",
            "binary_name": "dnsmasq-base-lua"
        },
        {
            "binary_version": "2.80-1.1ubuntu1.7",
            "binary_name": "dnsmasq-utils"
        }
    ]
}

Ubuntu:22.04:LTS / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/ubuntu/dnsmasq?arch=src?distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.86-1.1ubuntu0.3

Affected versions

2.*

2.85-1ubuntu2

2.86-1.1

2.86-1.1ubuntu0.1

2.86-1.1ubuntu0.2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.86-1.1ubuntu0.3",
            "binary_name": "dnsmasq"
        },
        {
            "binary_version": "2.86-1.1ubuntu0.3",
            "binary_name": "dnsmasq-base"
        },
        {
            "binary_version": "2.86-1.1ubuntu0.3",
            "binary_name": "dnsmasq-base-lua"
        },
        {
            "binary_version": "2.86-1.1ubuntu0.3",
            "binary_name": "dnsmasq-utils"
        }
    ]
}