rpms/dnsmasq
7
0
Fork 0
Code Issues Pull Requests Releases Activity
208 Commits 7 Branches 46 Tags 1,009 KiB
f497e41434
Commit Graph

187 Commits

Author SHA1 Message Date
Igor Gnatenko
d8871b193f Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:13:50 +01:00
Fedora Release Engineering
d2b4129eba - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 07:04:50 +00:00
Petr Menšík
8cd7421e9d DNSSEC fix for wildcard NSEC records (CVE-2017-15107) 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2018-01-22 15:38:46 +01:00
Petr Menšík
1447e0aebc Rebase to 2.78 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-03 17:30:29 +02:00
Petr Menšík
35c602043d More patches related to CVE-2017-14491 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-03 13:53:42 +02:00
Petr Menšík
d528970d82 Do not include stdio.h before dnsmasq.h 
We define some constants in dnsmasq.h, which have an influence on
stdio.h. So do not include stdio.h before dnsmasq.h.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:25:16 +02:00
Petr Menšík
6379c5b2d4 Security fix, CVE-2017-14491, DNS heap buffer overflow. 
Further fix to 0549c73b7ea6b22a3c49beb4d432f185a81efcbc
Handles case when RR name is not a pointer to the question,
only occurs for some auth-mode replies, therefore not
detected by fuzzing (?)

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:17:17 +02:00
Petr Menšík
dfac991c15 Misc code cleanups arising from Google analysis. 
No security impleications or CVEs.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:14:22 +02:00
Petr Menšík
ce9aecdce0 Security fix, CVE-2017-14495, OOM in DNS response 
creation.

    Fix out-of-memory Dos vulnerability. An attacker which can
    send malicious DNS queries to dnsmasq can trigger memory
    allocations in the add_pseudoheader function
    The allocated memory is never freed which leads to a DoS
    through memory exhaustion. dnsmasq is vulnerable only
    if one of the following option is specified:
    --add-mac, --add-cpe-id or --add-subnet.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
d75aef2c01 Security fix, CVE-2017-14496, Integer underflow in DNS response creation. 
Fix DoS in DNS. Invalid boundary checks in the
    add_pseudoheader function allows a memcpy call with negative
    size An attacker which can send malicious DNS queries
    to dnsmasq can trigger a DoS remotely.
    dnsmasq is vulnerable only if one of the following option is
    specified: --add-mac, --add-cpe-id or --add-subnet.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
e66c11835d Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests. 
Fix information leak in DHCPv6. A crafted DHCPv6 packet can
    cause dnsmasq to forward memory from outside the packet
    buffer to a DHCPv6 server when acting as a relay.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
e84d4fc50e Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow. 
Fix stack overflow in DHCPv6 code. An attacker who can send
a DHCPv6 request to dnsmasq can overflow the stack frame and
crash or control dnsmasq.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
2daf3ff20f Security fix, CVE-2017-14492, DHCPv6 RA heap overflow. 
Fix heap overflow in IPv6 router advertisement code.
This is a potentially serious security hole, as a
crafted RA request can overflow a buffer and crash or
control dnsmasq. Attacker must be on the local network.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
bd80bf435e Security fix, CVE-2017-14491 DNS heap buffer overflow. 
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
 2017-10-02 17:08:22 +02:00
Petr Menšík
9d2935df23 Actually apply CVE fix 2017-09-26 13:42:46 +02:00
Petr Menšík
234a50f2b7 Fix CVE-2017-13704 2017-09-14 18:14:52 +02:00
Petr Menšík
81f0dbf828 Own the /usr/share/dnsmasq dir (#1480856) 2017-08-14 15:40:33 +02:00
Fedora Release Engineering
5ffdeda31f - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 19:40:59 +00:00
Fedora Release Engineering
d47ff42c98 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 06:22:31 +00:00
Petr Menšík
4b7ea7ea04 Update to 2.77 2017-06-07 11:35:10 +02:00
Petr Menšík
a26c714178 Fix unresponsible DHCP 2017-05-12 16:23:10 +02:00
Petr Menšík
389f40bfd5 Update to 2.77rc2 2017-05-11 19:42:38 +02:00
Petr Menšík
1db48a66a4 Support for IDN 2008 (#1449150) 2017-05-11 17:58:36 +02:00
Petr Menšík
323f116aa8 Include dhcp_release6 tool and license in utils 2017-05-11 17:56:41 +02:00
Fedora Release Engineering
1e0b4d4c56 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 08:29:47 +00:00
Pavel Šimerda
cfdd2cf764 Resolves: #1373485 - dns not updated after sleep and resume laptop 2016-10-19 16:00:41 +02:00
Pavel Šimerda
30dfb66768 New version 2.76 2016-07-15 14:30:31 +02:00
Dennis Gilmore
566245555d - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 18:51:06 +00:00
Tomas Hozza
14e228cae8 Fixed minor bug in dnsmasq.conf (#1295143) 2016-01-25 11:16:36 +01:00
Pavel Šimerda
e6ea56c2ab Resolves: #1239256 - install trust-anchors.conf 2015-10-02 16:24:49 +02:00
Pavel Šimerda
68c179ea5c new version 2.75 2015-08-05 16:10:25 +02:00
Dennis Gilmore
aca4e7adb5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 04:14:11 +00:00
Nils Philippsen
b707570673 drop %triggerun 
We're not supposed to automatically migrate from SysV to systemd anyway.
 2014-10-06 15:28:13 +02:00
Nils Philippsen
c4cad4212b bump release 2014-10-06 14:27:16 +02:00
Nils Philippsen
f638f9b864 only require systemd-sysv and chkconfig for %triggerun 2014-10-06 14:26:58 +02:00
Nils Philippsen
a333098036 package is dual-licensed GPL v2 or v3 2014-10-06 14:26:33 +02:00
Nils Philippsen
faf594624d don't include /etc/dnsmasq.d in triplicate 
ignore RPM backup files instead
 2014-10-06 14:25:38 +02:00
Tomas Hozza
c0cb2fb429 Fix typo in default configuration (#1149459) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-10-06 10:35:08 +02:00
Tomas Hozza
848bf9f984 Update to 2.72 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-09-25 17:36:51 +02:00
Peter Robinson
7bb1482771 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 03:08:55 +00:00
Dennis Gilmore
4134a56cf6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 02:43:15 -05:00
Tomas Hozza
aed8f846f6 Update to 2.71 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-05-20 10:24:23 +02:00
Tomas Hozza
ed23cea08b Update to 2.70 stable 
Resolves: rhbz#1091193
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-04-25 10:38:07 +02:00
Tomas Hozza
695b79525b Update to 2.69 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-04-11 09:17:26 +02:00
Tomas Hozza
9f1463102a Update to 2.69rc1 
- enable DNSSEC implementation

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-03-24 15:09:51 +01:00
Tomas Hozza
f828140df3 Update to 2.68 stable 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-12-09 10:11:48 +01:00
Tomas Hozza
fad2ab1eb0 Update to 2.68rc3 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-11-26 14:09:59 +01:00
Tomas Hozza
ad9a1ef487 Update to 2.67 stable 
- Include one post release upstream fix for CNAME

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-11-01 08:55:04 +01:00
Tomas Hozza
c43d685d66 update to 2.67rc4 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-10-18 16:14:39 +02:00
Tomas Hozza
ad8cf52062 update to 2.67rc2 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-10-02 17:05:33 +02:00
Tomas Hozza
2f4ab38b51 update to 2.67test13 
- use .tar.xz upstream archives

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-09-12 10:56:50 +02:00
Tomas Hozza
b6153d9e1e Use SO_REUSEPORT and SO_REUSEADDR if possible for DHCPv4/6 (#981973) 
Change fix for the Bug #981973 after discussion with the upstream.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-08-15 11:57:29 +02:00
Tomas Hozza
ea5468d6a1 Don't use SO_REUSEPORT on DHCPv4 socket to prevent conflicts with ISC DHCP (#981973) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-08-12 15:15:08 +02:00
Dennis Gilmore
d4631ba788 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 02:32:42 -05:00
Tomas Hozza
fb84f79daf update to 2.67test7 
- drop merged patch
- use _hardened_build macro instead of hardcoded flags

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-06-11 12:25:52 +02:00
Tomas Hozza
4b348e1002 Fix failure to start with ENOTSOCK (#962874) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-05-17 15:30:55 +02:00
Tomas Hozza
f9818256f6 update to the latest testing release 2.67test4 (#962246) 
- drop mergerd patches

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-05-15 09:31:14 +02:00
Tomas Hozza
c925f9e48a dnsmasq unit file cleanup 
- drop forking Type and PIDfile and rather start dnsmasq with "-k" option
- drop After syslog.target as this is by default

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-30 17:24:27 +02:00
Tomas Hozza
c47bd50841 Include several fixes from upstream repo 
- Send TCP DNS messages in one packet
- Fix crash on SERVFAIL when using --conntrack option
- Fix regression in dhcp_lease_time utility
- Man page typos fixes
- Note that dhcp_lease_time and dhcp_release work only for IPv4
- Fix for --dhcp-match option to work also with BOOTP protocol

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-25 10:29:58 +02:00
Tomas Hozza
4db4008b50 Use Full RELRO when linking the daemon 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 21:19:03 +02:00
Tomas Hozza
e34aa6b7a4 Compile the daemon with PIE 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 21:18:21 +02:00
Tomas Hozza
c217afdb53 Include two fixes from upstream git repo 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-20 19:56:35 +02:00
Tomas Hozza
33f9cfc8b8 Corrected bad dates in changelog 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-19 14:34:28 +02:00
Tomas Hozza
609b978ebe New stable version dnsmasq-2.66 
+ Drop of merged patch

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-18 09:27:37 +02:00
Tomas Hozza
16e329b64e Update to latest dnsmasq-2.66rc5 
Also Include fix for segfault when lease limit is reached

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-04-12 09:27:21 +02:00
Tomas Hozza
24df3be371 Enable IDN support 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-22 13:08:35 +01:00
Tomas Hozza
b0df409e18 Update to latest dnsmasq-2.66rc1 
- Dropping unneeded patches

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-22 12:51:18 +01:00
Tomas Hozza
bebbe6c7d0 Allocate dhcp_buff-ers also if daemon->ra_contexts to prevent SIGSEGV (#920300) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-03-15 11:41:41 +01:00
Tomas Hozza
261955a53f Handle locally-routed DNS Queries (#904940) 
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-31 11:23:34 +01:00
Tomas Hozza
f6006969c4 Build dnsmasq with $RPM_OPT_FLAGS, $RPM_LD_FLAGS explicitly 
Resolves: rhbz#903362
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-24 09:39:54 +01:00
Tomas Hozza
837eefae26 Fix for CVE-2013-0198 (checking of TCP connection interfaces) 
Resolves: rhbz#901555
Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2013-01-22 17:40:49 +01:00
Tomas Hozza
89b8fd1a70 new version 2.65 2012-12-15 12:45:01 +01:00
Tomas Hozza
6df56349ef New version 2.64 
- Merged patches dropped

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2012-12-05 16:00:56 +01:00
Tomas Hozza
fcb96141a9 Remove EnvironmentFile from service file (#878343) 2012-11-20 09:03:00 +01:00
Tomas Hozza
0a7f00b349 removed "-s $HOSTNAME" from .service file 
(#753656, #822797)
 2012-11-19 12:03:16 +01:00
Tomas Hozza
d474b81de6 dhcp6 support fixes (#867054) 2012-11-19 10:47:40 +01:00
Tomas Hozza
31764d7500 Introduce new systemd-rpm macros in dnsmasq spec file (#850096) 2012-10-23 08:47:24 +02:00
Douglas Schilling Landgraf
e517ebcaeb New dnsmasq 2.63 2012-09-11 12:29:20 -04:00
Dennis Gilmore
1a4e01a7ef - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-18 15:59:46 -05:00
Pádraig Brady
edbef00513 Compile DHCP lease management utils with RPM_OPT_FLAGS 2012-02-11 15:11:00 +00:00
Pádraig Brady
389b91041c Add DHCP lease management utils to a subpackage (#788485) 
I used a subpackage so these utils have minimal dependencies
 2012-02-09 17:05:27 +00:00
Pádraig Brady
92202b20e2 whitespace cleanups 2012-02-09 16:32:59 +00:00
Dennis Gilmore
b1ab587891 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-12 18:51:06 -06:00
Douglas Schilling Landgraf
2845e25229 - do not enable service by default 2011-10-28 11:04:23 -02:00
Douglas Schilling Landgraf
c9a3d1cb04 changes to version 2.59 2011-10-28 09:54:19 -02:00
Douglas Schilling Landgraf
ce3da5377c - Improved spec to include new version of dnsmasq 2.58 
- Changelog
 2011-08-26 20:23:31 -03:00
Douglas Schilling Landgraf
779e6b5d95 - dnsmasq is GPLv2 (see COPYING)- fixing License 2011-08-26 11:05:54 -03:00
Stephen Gallagher
79727a1f7c Include systemd unit file 2011-08-22 14:09:43 -04:00
Stephen Gallagher
027222403b Include systemd unit file 2011-08-22 14:07:46 -04:00
Patrick Laughton
a4a3c3269d Applied Jóhann's patch, minor cleanup 
* Thu Jul 26 2011 Jóhann B. Guðmundsson <johannbg@gmail.com> - 2.52-3
- Introduce systemd unit file, drop SysV support
 2011-08-08 16:21:55 -05:00
Dennis Gilmore
417aebafe1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 08:29:55 -06:00
Itamar Reis Peixoto
0d9e8c4cc1 - new version 2.5.2 and some bug fix 2010-01-26 16:24:33 +00:00
Itamar Reis Peixoto
243a5a3627 fix dnsmasq.init bz 512664 2009-11-22 11:47:49 +00:00
Itamar Reis Peixoto
fa07928015 - new version 2.51 2009-10-18 00:28:38 +00:00
Itamar Reis Peixoto
80a7583e23 some improvement in dnsmasq initscript 2009-10-17 23:08:16 +00:00
Mark McLoughlin
8b0560dcd4 - Fix multiple TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958) 2009-10-05 10:26:35 +00:00
Ville Skyttä
27df76d8d5 - Use lzma compressed upstream tarball. 
https://www.redhat.com/archives/fedora-devel-list/2009-August/msg00563.html
 2009-08-12 17:05:49 +00:00
Jesse Keating
1ac3bd3216 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-24 20:24:04 +00:00
Patrick Laughton
01b090efb8 - Bugfix/feature enhancement update 
- Fixing BZ#494094
 2009-06-10 12:36:25 +00:00
Patrick Laughton
7cad9d9ed2 - Bugfix/feature enhancement update 2009-05-29 14:08:10 +00:00