openSUSE-SU-2019:2669-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:2669-1.json

JSON Data

https://api.osv.dev/v1/vulns/openSUSE-SU-2019:2669-1

Related

Published

2019-12-11T09:14:13Z

Modified

2019-12-11T09:14:13Z

Summary

Security update for dnsmasq

Details

This update for dnsmasq fixes the following issues:

Security issues fixed:

CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation (bsc#1154849)
CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance (bsc#1076958).

Other issues addressed:
- Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543). - Removed cache size limit (bsc#1138743). - bsc#1152539: include config files from /etc/dnsmasq.d/*.conf .

This update was imported from the SUSE:SLE-15-SP1:Update update project.

References

Affected packages

openSUSE:Leap 15.1 / dnsmasq

Package

Name: dnsmasq
Purl: purl:rpm/suse/dnsmasq&distro=openSUSE%20Leap%2015.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.78-lp151.5.3.1

Ecosystem specific

{
    "binaries": [
        {
            "dnsmasq": "2.78-lp151.5.3.1",
            "dnsmasq-utils": "2.78-lp151.5.3.1"
        }
    ]
}