[Dnsmasq-discuss] Announce: dnsmasq-2.50

Grant gcoady.lk at gmail.com
Tue Sep 1 01:41:43 BST 2009


On Mon, 31 Aug 2009 18:01:14 +0100, you wrote:

>This is a security update to 2.49 only.
>
>The CHANGELOG:
>
>version 2.50
>            Fix security problem which allowed any host permitted to
>            do TFTP to possibly compromise dnsmasq by remote buffer
>            overflow when TFTP enabled. Thanks to Core Security
>            Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro
>            Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
>            Pablo Annetta. This problem has Bugtraq id: 36121
>            and CVE: 2009-2957
>
>            Fix a problem which allowed a malicious TFTP client to
>            crash dnsmasq. Thanks to Steve Grubb at Red Hat for
>            spotting this. This problem has Bugtraq id: 36120 and
>            CVE: 2009-2958

Compiled, up and running fine here :)

Grant.
-- 
http://bugsplatter.id.au



More information about the Dnsmasq-discuss mailing list