Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:3189-1

Опубликовано: 05 дек. 2019
Источник: suse-cvrf

Описание

Security update for dnsmasq

This update for dnsmasq fixes the following issues:

Security issues fixed:

  • CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation (bsc#1154849)
  • CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance (bsc#1076958).

Other issues addressed:

  • Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543).
  • Removed cache size limit (bsc#1138743).
  • bsc#1152539: include config files from /etc/dnsmasq.d/*.conf .

Список пакетов

Container suse/sles/15.2/virt-launcher:0.38.1
dnsmasq-2.78-7.3.1
Container suse/sles/15.3/virt-launcher:0.45.0
dnsmasq-2.78-7.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
dnsmasq-2.78-7.3.1

Ссылки

Описание

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:dnsmasq-2.78-7.3.1
Container suse/sles/15.3/virt-launcher:0.45.0:dnsmasq-2.78-7.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.3.1
Ссылки

Описание

A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:dnsmasq-2.78-7.3.1
Container suse/sles/15.3/virt-launcher:0.45.0:dnsmasq-2.78-7.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:dnsmasq-2.78-7.3.1
Ссылки