File _patchinfo of Package patchinfo.13200
<patchinfo incident="13200">
<issue tracker="bnc" id="1152539">dnsmasq default configuration doesn't enable by default /etc/dnsmasq.d/*.conf</issue>
<issue tracker="bnc" id="1138743">increase dnsmasq cache size</issue>
<issue tracker="bnc" id="1156543">dnsmasq build failed with linux-glibc-devel 5.3</issue>
<issue tracker="bnc" id="1154849">VUL-1: CVE-2019-14834: dnsmasq: dnsmasq: memory leak in the create_helper() function in /src/helper.c</issue>
<issue tracker="bnc" id="1076958">VUL-1: CVE-2017-15107: dnsmasq: dnsmasq: Improper validation of wildcard synthesized NSEC records</issue>
<issue tracker="cve" id="2019-14834"/>
<issue tracker="cve" id="2017-15107"/>
<packager>rmax</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for dnsmasq</summary>
<description>This update for dnsmasq fixes the following issues:
Security issues fixed:
- CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers
to cause denial of service via DHCP response creation (bsc#1154849)
- CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of
wildcard synthesized NSEC records may result improper validation for non-existance
(bsc#1076958).
Other issues addressed:
- Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543).
- Removed cache size limit (bsc#1138743).
- bsc#1152539: include config files from /etc/dnsmasq.d/*.conf .
</description>
</patchinfo>