[Dnsmasq-discuss] Announce 2.85rc1 and security warning.
Amit
amit.uttam at gmail.com
Wed Mar 17 23:11:30 UTC 2021
On Wed, Mar 17, 2021 at 2:55 PM Simon Kelley <simon at thekelleys.org.uk> wrote:
>
> I've just created the first release candidate for dnsmasq-2.85.
>
[snip]
> TL;DR
>
> There's no problem unless you use
>
> server=8.8.8.8 at eth0 or server=8.8.8.8 at 1.2.3.4
>
> (or their DBus equivalents)
>
> OR if you use NetWorkManager with dnsmasq.
>
> In that case, upgrading to 2.85 is advised.
>
> CVE-2021-3448 is the formal designation for this bug.
>
> Thanks to Petr Menšík for finally spotting this historic oversight, and
> good work on fixing it.
>
> Please download
>
> https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz
>
> and test it thoroughly. Then look at the diff at
>
> https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=74d4fcd756a85bc1823232ea74334f7ccfb9d5d2;hp=4c30e9602bcf272863abb6f25b04ad035ab1a27b
>
Thank you Simon and others. This seems to work well for our setup. Do
you have an idea of when this will be pushed to debian upstream?
Our team tracks Debian closely so we typically wait for packages there
before rolling out this on our test fleet.
More information about the Dnsmasq-discuss
mailing list