Mageia alert MGASA-2021-0059 (dnsmasq)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> | |
| To: | updates-announce@ml.mageia.org | |
| Subject: | [updates-announce] MGASA-2021-0059: Updated dnsmasq packages fix security vulnerability | |
| Date: | Fri, 29 Jan 2021 20:06:38 +0100 | |
| Message-ID: | <20210129190638.D36D09F736@duvel.mageia.org> | |
| Archive-link: | Article |
MGASA-2021-0059 - Updated dnsmasq packages fix security vulnerability Publication date: 29 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0059.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687 Description: Multiples vulnerabilities have been discovered in dnsmasq up to version 2.82: - subtle errors in dnsmasq's protections against cache-poisoning attacks (CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686) - buffer overflow in dnsmasq's DNSSEC code (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 and CVE-2020-25687) References: - https://bugs.mageia.org/show_bug.cgi?id=28169 - http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/... - https://www.openwall.com/lists/oss-security/2021/01/19/1 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2... SRPMS: - 7/core/dnsmasq-2.83-1.mga7