rpms
/
dnsmasq
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix CVE 2023-50387 and CVE 2023-50868

This commit is contained in:
Tomas Korbar 2024-03-15 13:24:59 +01:00 committed by root
parent 7cbf2a2449
commit 0da0b54e75
3 changed files with 2101 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.dnsmasq.metadata Normal file
View File

@ -0,0 +1,2 @@
256ec628587ab2b20bba3fc2773046dab8f2874c dnsmasq-2.85.tar.xz
7464793425f5df6d34862f0881e48fe961a0b327 dnsmasq-2.85.tar.xz.asc

2091
dnsmasq-2.90-CVE-2023-50387-CVE-2023-50868.patch Normal file
View File

File diff suppressed because it is too large Load Diff

9
dnsmasq.spec
View File

@ -20,7 +20,7 @@
Name: dnsmasq
Version: 2.85
Release: 15%{?extraversion:.%{extraversion}}%{?dist}
Release: 16%{?extraversion:.%{extraversion}}%{?dist}
Summary: A lightweight DHCP/caching DNS server
License: GPLv2 or GPLv3
@ -71,6 +71,8 @@ Patch14: dnsmasq-2.85-domain-blocklist-speedup.patch
Patch15: dnsmasq-2.87-coverity-forward-cache.patch
# https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;h=ad90eb075dfeeb1936e8bc0f323fcc23f89364d4
Patch16: dnsmasq-2.86-tcp-free-fd-rh2188443.patch
# https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=214a046f47b9f7dd56f5eef3a8678ccbd6e973b7
Patch17: dnsmasq-2.90-CVE-2023-50387-CVE-2023-50868.patch
# This is workaround to nettle bug #1549190
# https://bugzilla.redhat.com/show_bug.cgi?id=1549190
@ -214,6 +216,11 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf
%{_mandir}/man1/dhcp_*
%changelog
* Fri Mar 15 2024 Tomas Korbar <tkorbar@redhat.com> - 2.85-16
- Fix CVE 2023-50387 and CVE 2023-50868
- Resolves: RHEL-25639
- Resolves: RHEL-25675
* Fri Jul 28 2023 Petr Menšík <pemensik@redhat.com> - 2.85-15
- Attempt to use TCP pipe only if a free is available (#2188443)