dnsmasq-2.79-19.el8
エラータID: AXSA:2021-2666:07
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: fixed outgoing port used when --server is used with an interface name (CVE-2021-3448)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
Update packages.
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
N/A
SRPMS
- dnsmasq-2.79-19.el8.src.rpm
MD5: 418a94f9052ff5e309fb0260a918c794
SHA-256: 385d2390885faba7ceb03d0bba3ddc9ff6e3f9d8e4b4f877566281d1f67e6967
Size: 585.91 kB
Asianux Server 8 for x86_64
- dnsmasq-2.79-19.el8.x86_64.rpm
MD5: beba41d0e5efdbc41d0291fa17aaa246
SHA-256: 7d53824e5930532f70cc3d44c8843847f585459e56e994c94a6b5ba12b51256c
Size: 318.35 kB - dnsmasq-utils-2.79-19.el8.x86_64.rpm
MD5: 9dbfbc250172b289289da38998d7d7c3
SHA-256: 728de1dc948464c7aa4158c1f321367330f188408876c2d633c8df55cf984157
Size: 54.45 kB
日本語