d75aef2c01
Security fix, CVE-2017-14496, Integer underflow in DNS response creation.
...
Fix DoS in DNS. Invalid boundary checks in the
add_pseudoheader function allows a memcpy call with negative
size An attacker which can send malicious DNS queries
to dnsmasq can trigger a DoS remotely.
dnsmasq is vulnerable only if one of the following option is
specified: --add-mac, --add-cpe-id or --add-subnet.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00
e66c11835d
Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests.
...
Fix information leak in DHCPv6. A crafted DHCPv6 packet can
cause dnsmasq to forward memory from outside the packet
buffer to a DHCPv6 server when acting as a relay.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00
e84d4fc50e
Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow.
...
Fix stack overflow in DHCPv6 code. An attacker who can send
a DHCPv6 request to dnsmasq can overflow the stack frame and
crash or control dnsmasq.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00
2daf3ff20f
Security fix, CVE-2017-14492, DHCPv6 RA heap overflow.
...
Fix heap overflow in IPv6 router advertisement code.
This is a potentially serious security hole, as a
crafted RA request can overflow a buffer and crash or
control dnsmasq. Attacker must be on the local network.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00
bd80bf435e
Security fix, CVE-2017-14491 DNS heap buffer overflow.
...
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00
9d2935df23
Actually apply CVE fix
2017-09-26 13:42:46 +02:00
234a50f2b7
Fix CVE-2017-13704
2017-09-14 18:14:52 +02:00
81f0dbf828
Own the /usr/share/dnsmasq dir ( #1480856 )
2017-08-14 15:40:33 +02:00
5ffdeda31f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-02 19:40:59 +00:00
d47ff42c98
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-26 06:22:31 +00:00
4b7ea7ea04
Update to 2.77
2017-06-07 11:35:10 +02:00
a26c714178
Fix unresponsible DHCP
2017-05-12 16:23:10 +02:00
389f40bfd5
Update to 2.77rc2
2017-05-11 19:42:38 +02:00
1db48a66a4
Support for IDN 2008 ( #1449150 )
2017-05-11 17:58:36 +02:00
323f116aa8
Include dhcp_release6 tool and license in utils
2017-05-11 17:56:41 +02:00
1e0b4d4c56
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
2017-02-10 08:29:47 +00:00
cfdd2cf764
Resolves : #1373485 - dns not updated after sleep and resume laptop
2016-10-19 16:00:41 +02:00
30dfb66768
New version 2.76
2016-07-15 14:30:31 +02:00
566245555d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-03 18:51:06 +00:00
14e228cae8
Fixed minor bug in dnsmasq.conf ( #1295143 )
2016-01-25 11:16:36 +01:00
e6ea56c2ab
Resolves : #1239256 - install trust-anchors.conf
2015-10-02 16:24:49 +02:00
68c179ea5c
new version 2.75
2015-08-05 16:10:25 +02:00
aca4e7adb5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
2015-06-17 04:14:11 +00:00
b707570673
drop %triggerun
...
We're not supposed to automatically migrate from SysV to systemd anyway.
2014-10-06 15:28:13 +02:00
c4cad4212b
bump release
2014-10-06 14:27:16 +02:00
f638f9b864
only require systemd-sysv and chkconfig for %triggerun
2014-10-06 14:26:58 +02:00
a333098036
package is dual-licensed GPL v2 or v3
2014-10-06 14:26:33 +02:00
faf594624d
don't include /etc/dnsmasq.d in triplicate
...
ignore RPM backup files instead
2014-10-06 14:25:38 +02:00
c0cb2fb429
Fix typo in default configuration ( #1149459 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-10-06 10:35:08 +02:00
848bf9f984
Update to 2.72 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-09-25 17:36:51 +02:00
7bb1482771
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-08-16 03:08:55 +00:00
4134a56cf6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-06-07 02:43:15 -05:00
aed8f846f6
Update to 2.71 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-05-20 10:24:23 +02:00
ed23cea08b
Update to 2.70 stable
...
Resolves: rhbz#1091193
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-04-25 10:38:07 +02:00
695b79525b
Update to 2.69 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-04-11 09:17:26 +02:00
9f1463102a
Update to 2.69rc1
...
- enable DNSSEC implementation
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2014-03-24 15:09:51 +01:00
f828140df3
Update to 2.68 stable
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-12-09 10:11:48 +01:00
fad2ab1eb0
Update to 2.68rc3
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-11-26 14:09:59 +01:00
ad9a1ef487
Update to 2.67 stable
...
- Include one post release upstream fix for CNAME
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-11-01 08:55:04 +01:00
c43d685d66
update to 2.67rc4
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-10-18 16:14:39 +02:00
ad8cf52062
update to 2.67rc2
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-10-02 17:05:33 +02:00
2f4ab38b51
update to 2.67test13
...
- use .tar.xz upstream archives
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-09-12 10:56:50 +02:00
b6153d9e1e
Use SO_REUSEPORT and SO_REUSEADDR if possible for DHCPv4/6 ( #981973 )
...
Change fix for the Bug #981973 after discussion with the upstream.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-08-15 11:57:29 +02:00
ea5468d6a1
Don't use SO_REUSEPORT on DHCPv4 socket to prevent conflicts with ISC DHCP ( #981973 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-08-12 15:15:08 +02:00
d4631ba788
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
2013-08-03 02:32:42 -05:00
fb84f79daf
update to 2.67test7
...
- drop merged patch
- use _hardened_build macro instead of hardcoded flags
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-06-11 12:25:52 +02:00
4b348e1002
Fix failure to start with ENOTSOCK ( #962874 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-05-17 15:30:55 +02:00
f9818256f6
update to the latest testing release 2.67test4 ( #962246 )
...
- drop mergerd patches
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-05-15 09:31:14 +02:00
c925f9e48a
dnsmasq unit file cleanup
...
- drop forking Type and PIDfile and rather start dnsmasq with "-k" option
- drop After syslog.target as this is by default
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-30 17:24:27 +02:00
c47bd50841
Include several fixes from upstream repo
...
- Send TCP DNS messages in one packet
- Fix crash on SERVFAIL when using --conntrack option
- Fix regression in dhcp_lease_time utility
- Man page typos fixes
- Note that dhcp_lease_time and dhcp_release work only for IPv4
- Fix for --dhcp-match option to work also with BOOTP protocol
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-25 10:29:58 +02:00
4db4008b50
Use Full RELRO when linking the daemon
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-20 21:19:03 +02:00
e34aa6b7a4
Compile the daemon with PIE
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-20 21:18:21 +02:00
c217afdb53
Include two fixes from upstream git repo
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-20 19:56:35 +02:00
33f9cfc8b8
Corrected bad dates in changelog
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-19 14:34:28 +02:00
609b978ebe
New stable version dnsmasq-2.66
...
+ Drop of merged patch
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-18 09:27:37 +02:00
16e329b64e
Update to latest dnsmasq-2.66rc5
...
Also Include fix for segfault when lease limit is reached
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-04-12 09:27:21 +02:00
24df3be371
Enable IDN support
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-03-22 13:08:35 +01:00
b0df409e18
Update to latest dnsmasq-2.66rc1
...
- Dropping unneeded patches
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-03-22 12:51:18 +01:00
bebbe6c7d0
Allocate dhcp_buff-ers also if daemon->ra_contexts to prevent SIGSEGV ( #920300 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-03-15 11:41:41 +01:00
261955a53f
Handle locally-routed DNS Queries ( #904940 )
...
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-01-31 11:23:34 +01:00
f6006969c4
Build dnsmasq with $RPM_OPT_FLAGS, $RPM_LD_FLAGS explicitly
...
Resolves: rhbz#903362
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-01-24 09:39:54 +01:00
837eefae26
Fix for CVE-2013-0198 (checking of TCP connection interfaces)
...
Resolves: rhbz#901555
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-01-22 17:40:49 +01:00
89b8fd1a70
new version 2.65
2012-12-15 12:45:01 +01:00
6df56349ef
New version 2.64
...
- Merged patches dropped
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2012-12-05 16:00:56 +01:00
fcb96141a9
Remove EnvironmentFile from service file ( #878343 )
2012-11-20 09:03:00 +01:00
0a7f00b349
removed "-s $HOSTNAME" from .service file
...
(#753656 , #822797 )
2012-11-19 12:03:16 +01:00
d474b81de6
dhcp6 support fixes ( #867054 )
2012-11-19 10:47:40 +01:00
31764d7500
Introduce new systemd-rpm macros in dnsmasq spec file ( #850096 )
2012-10-23 08:47:24 +02:00
e517ebcaeb
New dnsmasq 2.63
2012-09-11 12:29:20 -04:00
1a4e01a7ef
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
2012-07-18 15:59:46 -05:00
edbef00513
Compile DHCP lease management utils with RPM_OPT_FLAGS
2012-02-11 15:11:00 +00:00
389b91041c
Add DHCP lease management utils to a subpackage ( #788485 )
...
I used a subpackage so these utils have minimal dependencies
2012-02-09 17:05:27 +00:00
92202b20e2
whitespace cleanups
2012-02-09 16:32:59 +00:00
b1ab587891
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
2012-01-12 18:51:06 -06:00
2845e25229
- do not enable service by default
2011-10-28 11:04:23 -02:00
c9a3d1cb04
changes to version 2.59
2011-10-28 09:54:19 -02:00
ce3da5377c
- Improved spec to include new version of dnsmasq 2.58
...
- Changelog
2011-08-26 20:23:31 -03:00
779e6b5d95
- dnsmasq is GPLv2 (see COPYING)- fixing License
2011-08-26 11:05:54 -03:00
79727a1f7c
Include systemd unit file
2011-08-22 14:09:43 -04:00
027222403b
Include systemd unit file
2011-08-22 14:07:46 -04:00
a4a3c3269d
Applied Jóhann's patch, minor cleanup
...
* Thu Jul 26 2011 Jóhann B. Guðmundsson <johannbg@gmail.com> - 2.52-3
- Introduce systemd unit file, drop SysV support
2011-08-08 16:21:55 -05:00
417aebafe1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
2011-02-08 08:29:55 -06:00
0d9e8c4cc1
- new version 2.5.2 and some bug fix
2010-01-26 16:24:33 +00:00
243a5a3627
fix dnsmasq.init bz 512664
2009-11-22 11:47:49 +00:00
fa07928015
- new version 2.51
2009-10-18 00:28:38 +00:00
80a7583e23
some improvement in dnsmasq initscript
2009-10-17 23:08:16 +00:00
8b0560dcd4
- Fix multiple TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958)
2009-10-05 10:26:35 +00:00
27df76d8d5
- Use lzma compressed upstream tarball.
...
https://www.redhat.com/archives/fedora-devel-list/2009-August/msg00563.html
2009-08-12 17:05:49 +00:00
1ac3bd3216
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
2009-07-24 20:24:04 +00:00
01b090efb8
- Bugfix/feature enhancement update
...
- Fixing BZ#494094
2009-06-10 12:36:25 +00:00
7cad9d9ed2
- Bugfix/feature enhancement update
2009-05-29 14:08:10 +00:00
af406a1bf5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
2009-02-24 12:12:18 +00:00
d2d84441b6
New upstream release. Fixes bug 472394.
...
The main changes in the upstream release:
inclduded support for D-BUS
support DHCP clients in multiple DNS domains
allow for more that one MAC address in a dhcp-host line
* many others
2008-12-29 01:39:59 +00:00
4bc8e57877
- Upstream release (bugfixes)
2008-07-22 00:52:10 +00:00
3d10ffe3e5
- Dropped patch for newer glibc (merged upstream)
2008-07-16 19:28:52 +00:00
ce211c7e6f
- New upstream release, contains fixes for CVE-2008-1447/CERT VU#800113
2008-07-16 19:11:57 +00:00
62e3847c18
- Added upstream-authored patch for newer glibc (thanks Simon!)
2008-02-14 03:05:21 +00:00
22ddee6737
- New upstream release
2008-02-13 15:21:24 +00:00
c318a1ebac
- Release candidate
...
- Happy Birthday Isaac!
2008-01-31 02:28:41 +00:00
4c94878ff4
- Bugfix update
2008-01-23 18:57:57 +00:00
d996be6b2d
- Bugfix/feature enhancement update
2007-12-31 12:39:26 +00:00
d927a5c90a
- Upstream fix for fairly serious regression
2007-12-13 13:16:32 +00:00
91d4b30e7b
- New upstream test release
...
- Moving dnsmasq.leases to /var/lib/dnsmasq/ as per BZ#407901
- Ignoring dangerous-command-in-%%post rpmlint warning (as per above fix)
- Patch consolidation/cleanup
- Removed conditionals for Fedora <= 3 and Aurora 2.0
2007-12-04 15:46:52 +00:00
b4e45c36b3
- New upstream test release
2007-11-27 22:04:41 +00:00
a1e0af8ad1
new upstream test release
2007-10-22 20:20:33 +00:00
e85159cbc8
oops, broken magic :-)
2007-09-18 15:36:39 +00:00
f994f122de
- Finalized upstream release
...
- Removing URLs from patch lines (CVS is the authoritative source)
- Added more magic to make spinning rc/test packages more seamless
(thanks to Kevin Fenzi for inspiring the latter two ;-)
2007-09-18 15:15:26 +00:00
9fa2ba4e2f
- New upstream release candidate (feature-frozen), thanks Simon!
...
- License clarification
2007-08-27 21:40:07 +00:00
6a4bb303a7
- Man page permission fix
...
- Not pushing new package (essentially cosmetic)
- Will bump-n-build when needed
2007-05-29 16:34:11 +00:00
d1bbeeb38a
- New upstream version (bugfixes, enhancements)
2007-05-29 16:01:00 +00:00
d000b5a599
- New upstream version with bugfix for potential hang
2007-02-12 21:49:28 +00:00
253ce1ddc7
- New upstream version
2007-02-06 19:56:31 +00:00
79305634d8
- New upstream version
2007-01-24 19:49:18 +00:00
65d7a409c6
- Stop creating /etc/sysconfig on %%install
...
- Create /etc/dnsmasq.d on %%install
2006-11-06 18:08:15 +00:00
474aabda98
- Update to 2.35
...
- Removed UPGRADING_to_2.0 from %%doc as per upstream change
- Enabled conf-dir in default config as per RFE BZ#214220 (thanks Chris!)
- Added %%dir /etc/dnsmasq.d to %%files as per above RFE
2006-11-06 17:58:49 +00:00
1b097383ae
- Fixed BZ#212005
...
- Moved %%postun scriptlet to %%post, where it made more sense
- Render scriptlets safer
- Minor cleanup for consistency
2006-10-24 16:26:49 +00:00
c99b31e4e8
Update to 2.34, minor cleanup
2006-10-19 18:09:19 +00:00
507262ebf9
Rebuild for FC6
2006-08-28 17:03:59 +00:00
c81c9a2f4e
Update
2006-08-15 20:35:02 +00:00
cc527efdcc
Added pkgconfig BuildReq due to reduced buildroot (thanks Matt!)
2006-07-22 14:20:16 +00:00
b3b82db446
Forced update due to dbus version bump
2006-07-20 13:23:20 +00:00
bc74c1b97e
Update to 2.32
2006-06-12 14:30:20 +00:00
60068e4691
Upgrade to 2.31
2006-05-08 15:51:19 +00:00
5275092fa0
Fix stupid mistake with dnsmasq.spec
2006-05-02 16:28:07 +00:00
00482ddfae
More upstream-recommended cleanups :)
2006-05-02 16:19:59 +00:00
aa950b3658
Fixed bug #190379 Moved options from init script to sysconfig file
2006-05-02 15:51:01 +00:00
9433ece76b
Implementing request from upstream, unified spec, etc
2006-04-27 15:16:45 +00:00
b0365fbe30
auto-import dnsmasq-2.30-2 on branch devel from dnsmasq-2.30-2.src.rpm
2006-04-25 16:51:25 +00:00
Petr Menšík
Fedora Release Engineering
Pavel Šimerda
Dennis Gilmore
Tomas Hozza
Pavel Šimerda
Nils Philippsen
Peter Robinson
Douglas Schilling Landgraf
Pádraig Brady
Stephen Gallagher
Patrick Laughton
Itamar Reis Peixoto
Mark McLoughlin
Ville Skyttä
Jesse Keating
Matej Cepl