AXSA:2008-462:03

Release date: 
Wednesday, October 29, 2008 - 19:22
Subject: 
dnsmasq-2.45-1AXS3.1.1
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

Dnsmasq consists of both lightweight and easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of diskless machines.
Fixed bugs:
CVE-2008-1447:
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka DNS Insufficient Socket Entropy Vulnerability or the Kaminsky bug.

Solution: 

Update packages

Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. dnsmasq-2.45-1AXS3.1.1.i386.rpm
    MD5: 2da6289f9695c912e8049675a682f776
    SHA-256: 822a7225895608ec9426cb648b18d1a63c1930cfe6a0d3cbd4ab91b26d4843b3
    Size: 165.41 kB

Asianux Server 3 for x86_64
  1. dnsmasq-2.45-1AXS3.1.1.x86_64.rpm
    MD5: 9c85647c85a22cefb23e4f36fa1a2f99
    SHA-256: 6dfd41bd5c39fe367aeaa192382e48edc25786d44aea3e1421efe2ea995b3626
    Size: 168.75 kB
Copyright 2007-2022 Cybertrust Japan Co., Ltd. All rights reserved.