[Dnsmasq-discuss] Announce: dnsmasq-2.50
Grant
gcoady.lk at gmail.com
Tue Sep 1 01:41:43 BST 2009
On Mon, 31 Aug 2009 18:01:14 +0100, you wrote:
>This is a security update to 2.49 only.
>
>The CHANGELOG:
>
>version 2.50
> Fix security problem which allowed any host permitted to
> do TFTP to possibly compromise dnsmasq by remote buffer
> overflow when TFTP enabled. Thanks to Core Security
> Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro
> Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
> Pablo Annetta. This problem has Bugtraq id: 36121
> and CVE: 2009-2957
>
> Fix a problem which allowed a malicious TFTP client to
> crash dnsmasq. Thanks to Steve Grubb at Red Hat for
> spotting this. This problem has Bugtraq id: 36120 and
> CVE: 2009-2958
Compiled, up and running fine here :)
Grant.
--
http://bugsplatter.id.au
More information about the Dnsmasq-discuss
mailing list