rpms/dnsmasq
7
0
Fork 0
Code Issues Pull Requests Releases Activity
209 Commits 7 Branches 47 Tags 1,021 KiB
d7ba69deba
Commit Graph

188 Commits

Author SHA1 Message Date
Igor Gnatenko
1250e53590
Remove %clean section 
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-14 07:58:06 +01:00
Igor Gnatenko
d8871b193f Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:13:50 +01:00
Fedora Release Engineering
d2b4129eba - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 07:04:50 +00:00
Petr Menšík
8cd7421e9d DNSSEC fix for wildcard NSEC records (CVE-2017-15107) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-01-22 15:38:46 +01:00
Petr Menšík
1447e0aebc Rebase to 2.78 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-03 17:30:29 +02:00
Petr Menšík
35c602043d More patches related to CVE-2017-14491 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-03 13:53:42 +02:00
Petr Menšík
d528970d82 Do not include stdio.h before dnsmasq.h 
We define some constants in dnsmasq.h, which have an influence on
stdio.h. So do not include stdio.h before dnsmasq.h.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:25:16 +02:00
Petr Menšík
6379c5b2d4 Security fix, CVE-2017-14491, DNS heap buffer overflow. 
Further fix to 0549c73b7ea6b22a3c49beb4d432f185a81efcbc
Handles case when RR name is not a pointer to the question,
only occurs for some auth-mode replies, therefore not
detected by fuzzing (?)

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:17:17 +02:00
Petr Menšík
dfac991c15 Misc code cleanups arising from Google analysis. 
No security impleications or CVEs.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:14:22 +02:00
Petr Menšík
ce9aecdce0 Security fix, CVE-2017-14495, OOM in DNS response 
creation.

    Fix out-of-memory Dos vulnerability. An attacker which can
    send malicious DNS queries to dnsmasq can trigger memory
    allocations in the add_pseudoheader function
    The allocated memory is never freed which leads to a DoS
    through memory exhaustion. dnsmasq is vulnerable only
    if one of the following option is specified:
    --add-mac, --add-cpe-id or --add-subnet.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
d75aef2c01 Security fix, CVE-2017-14496, Integer underflow in DNS response creation. 
Fix DoS in DNS. Invalid boundary checks in the
    add_pseudoheader function allows a memcpy call with negative
    size An attacker which can send malicious DNS queries
    to dnsmasq can trigger a DoS remotely.
    dnsmasq is vulnerable only if one of the following option is
    specified: --add-mac, --add-cpe-id or --add-subnet.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
e66c11835d Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests. 
Fix information leak in DHCPv6. A crafted DHCPv6 packet can
    cause dnsmasq to forward memory from outside the packet
    buffer to a DHCPv6 server when acting as a relay.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
e84d4fc50e Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow. 
Fix stack overflow in DHCPv6 code. An attacker who can send
a DHCPv6 request to dnsmasq can overflow the stack frame and
crash or control dnsmasq.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
2daf3ff20f Security fix, CVE-2017-14492, DHCPv6 RA heap overflow. 
Fix heap overflow in IPv6 router advertisement code.
This is a potentially serious security hole, as a
crafted RA request can overflow a buffer and crash or
control dnsmasq. Attacker must be on the local network.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
bd80bf435e Security fix, CVE-2017-14491 DNS heap buffer overflow. 
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
9d2935df23 Actually apply CVE fix 2017-09-26 13:42:46 +02:00
Petr Menšík
234a50f2b7 Fix CVE-2017-13704 2017-09-14 18:14:52 +02:00
Petr Menšík
81f0dbf828 Own the /usr/share/dnsmasq dir (#1480856) 2017-08-14 15:40:33 +02:00
Fedora Release Engineering
5ffdeda31f - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 19:40:59 +00:00
Fedora Release Engineering
d47ff42c98 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 06:22:31 +00:00
Petr Menšík
4b7ea7ea04 Update to 2.77 2017-06-07 11:35:10 +02:00
Petr Menšík
a26c714178 Fix unresponsible DHCP 2017-05-12 16:23:10 +02:00
Petr Menšík
389f40bfd5 Update to 2.77rc2 2017-05-11 19:42:38 +02:00
Petr Menšík
1db48a66a4 Support for IDN 2008 (#1449150) 2017-05-11 17:58:36 +02:00
Petr Menšík
323f116aa8 Include dhcp_release6 tool and license in utils 2017-05-11 17:56:41 +02:00
Fedora Release Engineering
1e0b4d4c56 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 08:29:47 +00:00
Pavel Šimerda
cfdd2cf764 Resolves: #1373485 - dns not updated after sleep and resume laptop 2016-10-19 16:00:41 +02:00
Pavel Šimerda
30dfb66768 New version 2.76 2016-07-15 14:30:31 +02:00
Dennis Gilmore
566245555d - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:51:06 +00:00
Tomas Hozza
14e228cae8 Fixed minor bug in dnsmasq.conf (#1295143) 2016-01-25 11:16:36 +01:00
Pavel Šimerda
e6ea56c2ab Resolves: #1239256 - install trust-anchors.conf 2015-10-02 16:24:49 +02:00
Pavel Šimerda
68c179ea5c new version 2.75 2015-08-05 16:10:25 +02:00
Dennis Gilmore
aca4e7adb5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 04:14:11 +00:00
Nils Philippsen
b707570673 drop %triggerun 
We're not supposed to automatically migrate from SysV to systemd anyway.
 2014-10-06 15:28:13 +02:00
Nils Philippsen
c4cad4212b bump release 2014-10-06 14:27:16 +02:00
Nils Philippsen
f638f9b864 only require systemd-sysv and chkconfig for %triggerun 2014-10-06 14:26:58 +02:00
Nils Philippsen
a333098036 package is dual-licensed GPL v2 or v3 2014-10-06 14:26:33 +02:00
Nils Philippsen
faf594624d don't include /etc/dnsmasq.d in triplicate 
ignore RPM backup files instead
 2014-10-06 14:25:38 +02:00
Tomas Hozza
c0cb2fb429 Fix typo in default configuration (#1149459) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-10-06 10:35:08 +02:00
Tomas Hozza
848bf9f984 Update to 2.72 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-09-25 17:36:51 +02:00
Peter Robinson
7bb1482771 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 03:08:55 +00:00
Dennis Gilmore
4134a56cf6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 02:43:15 -05:00
Tomas Hozza
aed8f846f6 Update to 2.71 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-05-20 10:24:23 +02:00
Tomas Hozza
ed23cea08b Update to 2.70 stable 
Resolves: rhbz#1091193
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-04-25 10:38:07 +02:00
Tomas Hozza
695b79525b Update to 2.69 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-04-11 09:17:26 +02:00
Tomas Hozza
9f1463102a Update to 2.69rc1 
- enable DNSSEC implementation

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-03-24 15:09:51 +01:00
Tomas Hozza
f828140df3 Update to 2.68 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-12-09 10:11:48 +01:00
Tomas Hozza
fad2ab1eb0 Update to 2.68rc3 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-11-26 14:09:59 +01:00
Tomas Hozza
ad9a1ef487 Update to 2.67 stable 
- Include one post release upstream fix for CNAME

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-11-01 08:55:04 +01:00
Tomas Hozza
c43d685d66 update to 2.67rc4 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-10-18 16:14:39 +02:00
Tomas Hozza
ad8cf52062 update to 2.67rc2 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-10-02 17:05:33 +02:00
Tomas Hozza
2f4ab38b51 update to 2.67test13 
- use .tar.xz upstream archives

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-09-12 10:56:50 +02:00
Tomas Hozza
b6153d9e1e Use SO_REUSEPORT and SO_REUSEADDR if possible for DHCPv4/6 (#981973) 
Change fix for the Bug #981973 after discussion with the upstream.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-08-15 11:57:29 +02:00
Tomas Hozza
ea5468d6a1 Don't use SO_REUSEPORT on DHCPv4 socket to prevent conflicts with ISC DHCP (#981973) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-08-12 15:15:08 +02:00
Dennis Gilmore
d4631ba788 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 02:32:42 -05:00
Tomas Hozza
fb84f79daf update to 2.67test7 
- drop merged patch
- use _hardened_build macro instead of hardcoded flags

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-06-11 12:25:52 +02:00
Tomas Hozza
4b348e1002 Fix failure to start with ENOTSOCK (#962874) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-05-17 15:30:55 +02:00
Tomas Hozza
f9818256f6 update to the latest testing release 2.67test4 (#962246) 
- drop mergerd patches

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-05-15 09:31:14 +02:00
Tomas Hozza
c925f9e48a dnsmasq unit file cleanup 
- drop forking Type and PIDfile and rather start dnsmasq with "-k" option
- drop After syslog.target as this is by default

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-30 17:24:27 +02:00
Tomas Hozza
c47bd50841 Include several fixes from upstream repo 
- Send TCP DNS messages in one packet
- Fix crash on SERVFAIL when using --conntrack option
- Fix regression in dhcp_lease_time utility
- Man page typos fixes
- Note that dhcp_lease_time and dhcp_release work only for IPv4
- Fix for --dhcp-match option to work also with BOOTP protocol

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-25 10:29:58 +02:00
Tomas Hozza
4db4008b50 Use Full RELRO when linking the daemon 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 21:19:03 +02:00
Tomas Hozza
e34aa6b7a4 Compile the daemon with PIE 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 21:18:21 +02:00
Tomas Hozza
c217afdb53 Include two fixes from upstream git repo 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 19:56:35 +02:00
Tomas Hozza
33f9cfc8b8 Corrected bad dates in changelog 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-19 14:34:28 +02:00
Tomas Hozza
609b978ebe New stable version dnsmasq-2.66 
+ Drop of merged patch

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-18 09:27:37 +02:00
Tomas Hozza
16e329b64e Update to latest dnsmasq-2.66rc5 
Also Include fix for segfault when lease limit is reached

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-12 09:27:21 +02:00
Tomas Hozza
24df3be371 Enable IDN support 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-22 13:08:35 +01:00
Tomas Hozza
b0df409e18 Update to latest dnsmasq-2.66rc1 
- Dropping unneeded patches

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-22 12:51:18 +01:00
Tomas Hozza
bebbe6c7d0 Allocate dhcp_buff-ers also if daemon->ra_contexts to prevent SIGSEGV (#920300) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-15 11:41:41 +01:00
Tomas Hozza
261955a53f Handle locally-routed DNS Queries (#904940) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-31 11:23:34 +01:00
Tomas Hozza
f6006969c4 Build dnsmasq with $RPM_OPT_FLAGS, $RPM_LD_FLAGS explicitly 
Resolves: rhbz#903362
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-24 09:39:54 +01:00
Tomas Hozza
837eefae26 Fix for CVE-2013-0198 (checking of TCP connection interfaces) 
Resolves: rhbz#901555
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-22 17:40:49 +01:00
Tomas Hozza
89b8fd1a70 new version 2.65 2012-12-15 12:45:01 +01:00
Tomas Hozza
6df56349ef New version 2.64 
- Merged patches dropped

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2012-12-05 16:00:56 +01:00
Tomas Hozza
fcb96141a9 Remove EnvironmentFile from service file (#878343) 2012-11-20 09:03:00 +01:00
Tomas Hozza
0a7f00b349 removed "-s $HOSTNAME" from .service file 
(#753656, #822797)
 2012-11-19 12:03:16 +01:00
Tomas Hozza
d474b81de6 dhcp6 support fixes (#867054) 2012-11-19 10:47:40 +01:00
Tomas Hozza
31764d7500 Introduce new systemd-rpm macros in dnsmasq spec file (#850096) 2012-10-23 08:47:24 +02:00
Douglas Schilling Landgraf
e517ebcaeb New dnsmasq 2.63 2012-09-11 12:29:20 -04:00
Dennis Gilmore
1a4e01a7ef - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-18 15:59:46 -05:00
Pádraig Brady
edbef00513 Compile DHCP lease management utils with RPM_OPT_FLAGS 2012-02-11 15:11:00 +00:00
Pádraig Brady
389b91041c Add DHCP lease management utils to a subpackage (#788485) 
I used a subpackage so these utils have minimal dependencies
 2012-02-09 17:05:27 +00:00
Pádraig Brady
92202b20e2 whitespace cleanups 2012-02-09 16:32:59 +00:00
Dennis Gilmore
b1ab587891 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-12 18:51:06 -06:00
Douglas Schilling Landgraf
2845e25229 - do not enable service by default 2011-10-28 11:04:23 -02:00
Douglas Schilling Landgraf
c9a3d1cb04 changes to version 2.59 2011-10-28 09:54:19 -02:00
Douglas Schilling Landgraf
ce3da5377c - Improved spec to include new version of dnsmasq 2.58 
- Changelog
 2011-08-26 20:23:31 -03:00
Douglas Schilling Landgraf
779e6b5d95 - dnsmasq is GPLv2 (see COPYING)- fixing License 2011-08-26 11:05:54 -03:00
Stephen Gallagher
79727a1f7c Include systemd unit file 2011-08-22 14:09:43 -04:00
Stephen Gallagher
027222403b Include systemd unit file 2011-08-22 14:07:46 -04:00
Patrick Laughton
a4a3c3269d Applied Jóhann's patch, minor cleanup 
* Thu Jul 26 2011 Jóhann B. Guðmundsson <johannbg@gmail.com> - 2.52-3
- Introduce systemd unit file, drop SysV support
 2011-08-08 16:21:55 -05:00
Dennis Gilmore
417aebafe1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 08:29:55 -06:00
Itamar Reis Peixoto
0d9e8c4cc1 - new version 2.5.2 and some bug fix 2010-01-26 16:24:33 +00:00
Itamar Reis Peixoto
243a5a3627 fix dnsmasq.init bz 512664 2009-11-22 11:47:49 +00:00
Itamar Reis Peixoto
fa07928015 - new version 2.51 2009-10-18 00:28:38 +00:00
Itamar Reis Peixoto
80a7583e23 some improvement in dnsmasq initscript 2009-10-17 23:08:16 +00:00
Mark McLoughlin
8b0560dcd4 - Fix multiple TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958) 2009-10-05 10:26:35 +00:00
Ville Skyttä
27df76d8d5 - Use lzma compressed upstream tarball. 
https://www.redhat.com/archives/fedora-devel-list/2009-August/msg00563.html
 2009-08-12 17:05:49 +00:00
Jesse Keating
1ac3bd3216 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-24 20:24:04 +00:00
Patrick Laughton
01b090efb8 - Bugfix/feature enhancement update 
- Fixing BZ#494094
 2009-06-10 12:36:25 +00:00