Описание
Security update for dnsmasq
This update for dnsmasq fixes the following issues:
Security issue fixed:
- CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance. (bsc#1076958)
Non-security issue fixed:
- Reload system dbus to pick up policy change on install (bsc#1054429).
Список пакетов
HPE Helion OpenStack 8
dnsmasq-utils-2.78-18.6.1
SUSE Linux Enterprise Desktop 12 SP3
dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Desktop 12 SP4
dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Server 12 SP3
dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Server 12 SP4
dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
dnsmasq-2.78-18.6.1
SUSE OpenStack Cloud 7
dnsmasq-utils-2.78-18.6.1
SUSE OpenStack Cloud 8
dnsmasq-utils-2.78-18.6.1
SUSE OpenStack Cloud Crowbar 8
dnsmasq-utils-2.78-18.6.1
Ссылки
- Link for SUSE-SU-2019:1721-1
- E-Mail link for SUSE-SU-2019:1721-1
- SUSE Security Ratings
- SUSE Bug 1054429
- SUSE Bug 1076958
- SUSE CVE CVE-2017-15107 page
Описание
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Затронутые продукты
HPE Helion OpenStack 8:dnsmasq-utils-2.78-18.6.1
SUSE Linux Enterprise Desktop 12 SP3:dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Desktop 12 SP4:dnsmasq-2.78-18.6.1
SUSE Linux Enterprise Server 12 SP3:dnsmasq-2.78-18.6.1
Ссылки
- CVE-2017-15107
- SUSE Bug 1076958