Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Dnsmasq
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Dnsmasq
ID: SSA:2017-275-01
Distribution: Slackware
Plattformen: Slackware -current, Slackware 13.0, Slackware x86_64 13.0, Slackware x86_64 -current, Slackware x86_64 13.1, Slackware 13.1, Slackware x86_64 13.37, Slackware 13.37, Slackware 14.0, Slackware x86_64 14.0, Slackware 14.1, Slackware x86_64 14.1, Slackware 14.2, Slackware x86_64 14.2
Datum: Di, 3. Oktober 2017, 00:21
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492

Originalnachricht


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] dnsmasq (SSA:2017-275-01)

New dnsmasq packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/dnsmasq-2.78-i586-1_slack14.2.txz: Upgraded.
This update fixes bugs and remotely exploitable security issues that may
have impacts including denial of service, information leak, and execution
of arbitrary code. Thanks to Felix Wilhelm, Fermin J. Serna, Gabriel Campana,
Kevin Hamacher, Ron Bowes, and Gynvael Coldwind of the Google Security Team.
For more information, see:
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
dnsmasq-2.78-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
dnsmasq-2.78-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
dnsmasq-2.78-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
dnsmasq-2.78-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
dnsmasq-2.78-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
dnsmasq-2.78-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
dnsmasq-2.78-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
dnsmasq-2.78-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
dnsmasq-2.78-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
dnsmasq-2.78-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
dnsmasq-2.78-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
dnsmasq-2.78-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
dnsmasq-2.78-i586-1.txz

Updated package for Slackware x86_64 -current:
dnsmasq-2.78-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 13.0 package:
800a3d6b24218dc429f4134d501e86f1 dnsmasq-2.78-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
0105b3739bf8fe5facc69f65c0ecdef0 dnsmasq-2.78-x86_64-1_slack13.0.txz

Slackware 13.1 package:
7a64b79ea81839a6e3d7d1de1aa4be4e dnsmasq-2.78-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
3d8c06022e52c377cbed0d70b74deb52 dnsmasq-2.78-x86_64-1_slack13.1.txz

Slackware 13.37 package:
55d84ac9cdd80d7ce2b5f7ec729be0cc dnsmasq-2.78-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
c20c2d8654abfc348e57492c5e183c07 dnsmasq-2.78-x86_64-1_slack13.37.txz

Slackware 14.0 package:
26bed84f2940b0bf857c51b1b56c75f6 dnsmasq-2.78-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
b64f5da9dc3b8378ed6cd603699cf919 dnsmasq-2.78-x86_64-1_slack14.0.txz

Slackware 14.1 package:
3b705c73c476c1edeb969ca9b4fbcc16 dnsmasq-2.78-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
f87ca78a633e87cb82d95003bf644656 dnsmasq-2.78-x86_64-1_slack14.1.txz

Slackware 14.2 package:
3b914f91a78103da3e6be9af33a3fe01 dnsmasq-2.78-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
c8f5e3233dee57de8f46523d6ead2891 dnsmasq-2.78-x86_64-1_slack14.2.txz

Slackware -current package:
a3d6c00a868f061c6ca4ae38b8f2eb39 n/dnsmasq-2.78-i586-1.txz

Slackware x86_64 -current package:
e2647e7394ce07c70243aedeee040788 n/dnsmasq-2.78-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg dnsmasq-2.78-i586-1_slack14.2.txz

If dnsmasq is running, restart it:
# sh /etc/rc.d/rc.dnsmasq restart


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlnSh7AACgkQakRjwEAQIjMk3gCfVZWRzYjC6EOP5tbE6S50QDL2
mAYAniiE2OFw0Qm8miHfpOv6oz51eS/m
=uPXl
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung