|| ||Mageia Updates <email@example.com> |
|| ||firstname.lastname@example.org |
|| ||[updates-announce] MGASA-2013-0030: dnsmasq-2.63-1.1.mga2 (2/core) |
|| ||Wed, 6 Feb 2013 23:07:30 +0100|
|| ||Article, Thread
Date: February 6th, 2013
Affected releases: 2
Updated dnsmasq packages fix security vulnerabilities (CVE-2013-0198):
This update completes the fix for CVE-2012-3411 provided with dnsmasq-2.63.
It was found that after the upstream patch for CVE-2012-3411 issue was
applied, dnsmasq still:
- replied to remote TCP-protocol based DNS queries (UDP protocol ones
were corrected, but TCP ones not) from prohibited networks, when the
--bind-dynamic option was used,
- when --except-interface lo option was used dnsmasq didn't answer
local or remote UDP DNS queries, but still allowed TCP protocol based
- when --except-interface lo option was not used local / remote TCP
DNS queries were also still answered by dnsmasq.
This update fix these three cases.
to post comments)