rpms/dnsmasq
7
0
Fork 0
Code Issues Pull Requests Releases Activity
Unnamed repository
275 Commits 8 Branches 58 Tags 907 KiB
Diff 100%
c10s
Go to file
Petr Menšík f1dcf6afb2 Fix buffer overflow vulnerability in extract_addresses() (CVE-2026-5172) 
Thanks to Hugo Martinez Ray for spotting this.

The value of rdlen for an RR can be a lie, allowing the
call to extract_name() at rfc1025.c:952 to advance the value of p1
past the calculated end of the record. The makes the calculation
of bytes remaining in the RR underflow to a huge number and results
in a massive heap OOB read and certain crash.

Resolves-Vulnerability: CVE-2026-5172
Resolves: RHEL-168349
2026-06-03 10:40:18 +02:00
.fmf Adding fmf plan 2022-04-20 09:09:42 +00:00
.gitignore Update to 2.90 (#2264049) 2024-06-01 00:09:37 +02:00
ci.fmf adding ci.fmf to have more plans 2022-04-20 09:09:42 +00:00
dnsmasq-2.77-underflow.patch Update to 2.90 (#2264049) 2024-06-01 00:09:37 +02:00
dnsmasq-2.78-fips.patch Update to dnsmasq 2.80 2018-10-24 19:36:17 +02:00
dnsmasq-2.81-configuration.patch Use local-service=host for initial configuration (#2258062) 2024-01-12 17:50:49 +01:00
dnsmasq-2.86-build_server_array.patch Update to 2.87 (#2129658) 2022-09-27 15:35:46 +02:00
dnsmasq-2.93-CVE-2026-2291.patch Prevent overflow in extract_name function (CVE-2026-2291) 2026-06-03 10:40:02 +02:00
dnsmasq-2.93-CVE-2026-4890.patch Fix NSEC bitmap parsing infinite loop (CVE-2026-4890) 2026-06-03 10:40:18 +02:00
dnsmasq-2.93-CVE-2026-4891.patch Verify rdlen field in RRSIG packets (CVE-2026-4891) 2026-06-03 10:40:18 +02:00
dnsmasq-2.93-CVE-2026-4892.patch Fix buffer overflow in helper.c with large CLIDs (CVE-2026-4892) 2026-06-03 10:40:18 +02:00
dnsmasq-2.93-CVE-2026-4893.patch Fix broken client subnet validation (CVE-2026-4893) 2026-06-03 10:40:18 +02:00
dnsmasq-2.93-CVE-2026-5172.patch Fix buffer overflow vulnerability in extract_addresses() (CVE-2026-5172) 2026-06-03 10:40:18 +02:00
dnsmasq-CVE-2026-2291.patch Fix improper validated wire format of DNS name 2026-06-03 10:39:06 +02:00
dnsmasq-systemd-sysusers.conf add dnsmasq-systemd-sysusers.conf 2018-02-23 00:11:49 -03:00
dnsmasq.service Start before nss-lookup.target, hint modification to listen on IP (#1984618) 2021-07-22 21:29:28 +02:00
dnsmasq.spec Fix buffer overflow vulnerability in extract_addresses() (CVE-2026-5172) 2026-06-03 10:40:18 +02:00
gating.yaml rhel10 setting for CI 2024-05-27 09:58:02 +02:00
nm.fmf nm.fmf with NetworkManager 2024-05-27 10:10:58 +02:00
plans.fmf https://issues.redhat.com/browse/RHELMISC-13073 2025-06-05 12:16:04 +02:00
rpminspect.yaml fixup! Avoid bogus messages from rpmlint about badfuncs 2022-04-29 17:04:05 +02:00
sources Update to 2.90 (#2264049) 2024-06-01 00:09:37 +02:00
srkgpg.txt Add source GPG validation 2020-04-16 21:37:32 +02:00
test-release-public-key Add source GPG validation 2020-04-16 21:37:32 +02:00
tmpfiles-dnsmasq.conf Added installation of tmpfiles.d config 2025-12-08 14:44:29 +01:00