Date: Fri, 3 Jun 2016 13:50:40 -0400 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: oss-security@...ts.openwall.com Subject: CVE Request: Dnsmasq denial of service Hello, I don't believe this issue has a CVE: Fix crash when an A or AAAA record is defined locally, in a hosts file, and an upstream server sends a reply that the same name is empty. Thanks to Edwin Török for the patch. http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1581181 Could a CVE please be assigned to it? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ