dnsmasq-2.76-16.el7

エラータID: AXSA:2020-571:04

Release date: 
Monday, October 5, 2020 - 10:54
Subject: 
dnsmasq-2.76-16.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

* dnsmasq: memory leak in the create_helper() function in /src/helper.c (CVE-2019-14834)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7 Release Notes linked from the References section.

CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

Solution: 

Update packages.

CVEs: 
CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
Additional Info: 

N/A

Download: 

SRPMS
  1. dnsmasq-2.76-16.el7.src.rpm
    MD5: 7beeb2ed121c20b57343ab10347dded9
    SHA-256: 7e72d393e5d3686376f0be73c5c9358bc8600913e106b1bf2b21bc6c9639b6ca
    Size: 746.61 kB

Asianux Server 7 for x86_64
  1. dnsmasq-2.76-16.el7.x86_64.rpm
    MD5: 45c2e4d10446a864bdaf368ac25e0943
    SHA-256: 7216e78d41475ddea26ef6d58b4fb1b56b6039d74a4a9a5761d4eec60823fecb
    Size: 278.25 kB