Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 2 Oct 2017 16:47:18 +0100
From: Simon Kelley <>
Subject: dnsmasq: CVE-2017-14491 to CVE-2017-14496 and CVE-2017-13704

A set of serious security vulnerabilities for dnsmasq have been released

These include remote DoS and possibly code execution, and at least some
apply to essentially every non-ancient dnsmasq release.

Most of these were found by Google and their writeup is here.

The fixes are contained in the dnsmasq 2-78 release, announced here:

and are in the dnsmasq git repo, here:;a=summary



Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ