File _patchinfo of Package patchinfo.36908
<patchinfo incident="36908"> <issue tracker="cve" id="2023-50868"/> <issue tracker="cve" id="2023-28450"/> <issue tracker="cve" id="2023-50387"/> <issue tracker="bnc" id="1209358">VUL-0: CVE-2023-28450: dnsmasq: default maximum EDNS.0 UDP packet size should be 1232</issue> <issue tracker="bnc" id="1219823">VUL-0: CVE-2023-50387 : unbound, pdns, bind, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue> <issue tracker="bnc" id="1219826">VUL-0: CVE-2023-50868: unbound, bind, pdns, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue> <issue tracker="bnc" id="1207174">dnsmasq 2.88: bug which can break the invariants on the order of a hash chain.</issue> <issue tracker="bnc" id="1200344">AUDIT-WHITELIST: dnsmasq: move dbus system.d file to /usr</issue> <issue tracker="bnc" id="1214884">Migration from SLE Micro 5.4 -> ALP: file conflict between libslp1 and openslp</issue> <packager>rmax</packager> <rating>important</rating> <category>security</category> <summary>Security update for dnsmasq</summary> <description>This update for dnsmasq fixes the following issues: - Version update to 2.90: - CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219823) - CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219826) - CVE-2023-28450: Default maximum EDNS.0 UDP packet size should be 1232. (bsc#1209358) </description> </patchinfo>
