[ASA-201801-32] dnsmasq: insufficient validation
anthraxx at archlinux.org
Wed Jan 31 00:05:33 UTC 2018
Arch Linux Security Advisory ASA-201801-32
Date : 2018-01-30
CVE-ID : CVE-2017-15107
Package : dnsmasq
Type : insufficient validation
Remote : Yes
Link : https://security.archlinux.org/AVG-592
The package dnsmasq before version 2.78-2 is vulnerable to insufficient
Upgrade to 2.78-2.
# pacman -Syu "dnsmasq>=2.78-2"
The problem has been fixed upstream but no release is available yet.
A vulnerability was found in Dnsmasq's implementation of DNSSEC before
2.79. Wildcard synthesized NSEC records could be improperly interpreted
to prove the non-existence of hostnames that actually exist.
A remote attacker may be able to prove the non-existence of hostnames
that actually exist by using wildcard synthesized NSEC records that
could be improperly interpreted,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 866 bytes
Desc: OpenPGP digital signature
More information about the arch-security