Commit Graph

1 Commits

Author SHA1 Message Date
Petr Menšík
bd80bf435e Security fix, CVE-2017-14491 DNS heap buffer overflow.
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2017-10-02 17:08:22 +02:00