File dnsmasq.changes of Package dnsmasq
------------------------------------------------------------------- Mon Aug 24 13:47:01 CEST 2009 - ug@suse.de - VUL-0: dnsmasq: remote buffer overflow exploitable if TFTP server is enabled (bnc#533710) ------------------------------------------------------------------- Tue Nov 11 13:57:17 CET 2008 - kukuk@suse.de - Add /usr/sbin/useradd to PreReq ------------------------------------------------------------------- Sat Sep 13 00:51:49 CEST 2008 - mrueckert@suse.de - fix manpage.diff to actually apply - mark files below /etc as config - do not install README.SUSE in %install as %doc will clean the directory anyway. ------------------------------------------------------------------- Fri Sep 12 15:10:55 CEST 2008 - ug@suse.de - user dnsmasq moved to group nogroup (bnc#401648) - added README.SUSE - added warning to init script when /etc/ppp is in use since it's not readable anymore ------------------------------------------------------------------- Tue Aug 19 10:41:48 CEST 2008 - ug@suse.de - init script fixed ------------------------------------------------------------------- Mon Aug 11 16:32:03 CEST 2008 - ug@suse.de - Fix crash when unknown client attempts to renew a DHCP lease, problem introduced in version 2.43. Thanks to Carlos Carvalho for help chasing this down. - Fix potential crash when a host which doesn't have a lease does DHCPINFORM. Again introduced in 2.43. This bug has never been reported in the wild. - Fix crash in netlink code introduced in 2.43. Thanks to Jean Wolter for finding this. - Change implementation of min_port to work even if min-port as large. - 2.4.45 ------------------------------------------------------------------- Mon Jul 14 09:45:15 CEST 2008 - ug@suse.de - This release fixes the DNS spoofing vulnerabilities announced in CERT VU#800113. It adds source port randomization for communication with upstream nameservers and replaces the C library PRNG with stronger code. It makes failure to drop root privileges a hard error (previous versions would log the error and continue, running as root.) Other changes include an update to avoid triggering Linux kernel messages about an out-of-date capabilities ABI, support for NAPTR records, and RFC 5107 server-id-override. - 2.43 ------------------------------------------------------------------- Thu Jun 19 16:42:54 CEST 2008 - ug@suse.de - running as user dnsmasq now (bnc#401643) ------------------------------------------------------------------- Thu Jun 5 15:33:40 CEST 2008 - ug@suse.de * Add --dhcp-alternate-port option. Thanks to Jan Psota for the suggestion. * Updated Polish translations - thank to Jan Psota. * Provide --dhcp-bridge on all BSD variants. * Define _LARGEFILE_SOURCE which removes an arbitrary 2GB limit on logfiles. Thanks to Paul Chambers for spotting the problem. * Fix RFC3046 agent-id echo code, broken for many releases. Thanks to Jeremy Laine for spotting the problem and providing a patch. * Add --dhcp-scriptuser option. * Support new capability interface on suitable Linux kernels, removes "legacy support in use" messages. Thanks to Jorge Bastos for pointing this out. * Fix subtle bug in cache code which could cause dnsmasq to lock spinning CPU in rare circumstances. Thanks to Alex Chekholko for bug reports and help debugging. * Support netascii transfer mode for TFTP. - 2.42 ------------------------------------------------------------------- Wed Feb 13 09:54:14 CET 2008 - ug@suse.de - Allow the DNS function to be completely disabled, by setting the port to zero "--port=0" - Fix a bug where NXDOMAIN could be returned for a query even if the name's value was known for a different query type. - Fixed possible crash bug in DBus IPv6 code - Add --dhcp-no-override option - Add --tftp-port-range option - Add --stop-dns-rebind option - Added --all-servers option - Add --dhcp-optsfile option - Fixed broken --alias functionality - Add --dhcp-match flag - Added --dhcp-broadcast, to force broadcast replies - multiple bugs fixed - 2.41 ------------------------------------------------------------------- Fri Jan 4 06:32:08 CET 2008 - crrodriguez@suse.de - bzip tarball - use find_lang macro. ------------------------------------------------------------------- Thu Dec 6 17:21:05 CET 2007 - ug@suse.de - version 2.40 - Fix handling of fully-qualified names in --dhcp-host - Fixed error in manpage - Fixed misaligned memory access which caused problems on Blackfin CPUs - lots of new options (see changelog for details) ------------------------------------------------------------------- Wed May 2 10:17:37 CEST 2007 - ug@suse.de - version 2.39 - names like "localhost." in /etc/hosts with trailing period are treated as fully-qualified. - Tolerate and ignore spaces around commas in the configuration file in all circumstances - /a is no longer a valid escape in quoted strings. - Added symbolic DHCP option names - Overhauled the log code - --log-facility can now take a file-name - Added --log-dhcp flag - Added 127.0.0.0/8 and 169.254.0.0/16 to the address ranges affected by --bogus-priv - Fixed failure of TFTP server with --listen-address - Added --dhcp-circuitid and --dhcp-remoteid for RFC3046 - Added --dhcp-subscrid for RFC3993 subscriber-id relay - Corrected garbage-collection - Allow absolute paths for TFTP transfers even when --tftp-root is set, as long as the path matches the root - Updated translations - Added --interface-name option ------------------------------------------------------------------- Thu Mar 15 16:00:11 CET 2007 - ug@suse.de - SuSEFirewall service files fixed and enhanced ------------------------------------------------------------------- Tue Mar 6 11:55:37 CET 2007 - ug@suse.de - SuSEFirewall service file added ------------------------------------------------------------------- Tue Feb 13 09:33:37 CET 2007 - ug@suse.de - version 2.38 Don't send length zero DHCP option 43 and cope with encapsulated options whose total length exceeds 255 octets by splitting them into multiple option 43 pieces. Avoid queries being retried forever when --strict-order is set and an upstream server returns a SERVFAIL error. Thanks to Johannes Stezenbach for spotting this. Fix BOOTP support, broken in version 2.37. Add example dhcp-options for Etherboot. Add \e (for ASCII ESCape) to the set of valid escapes in config-file strings. Added --dhcp-option-force flag and examples in the configuration file which use this to control PXELinux. Added --tftp-no-blocksize option. Set netid tag "bootp" when BOOTP (rather than DHCP) is in use. This makes it easy to customise which options are sent to BOOTP clients. (BOOTP allows only 64 octets for options, so it can be necessary to trim things.) Fix rare hang in cache code, a 2.37 regression. This probably needs an infinite DHCP lease and some bad luck to trigger. Thanks to Detlef Reichelt for bug reports and testing. ------------------------------------------------------------------- Mon Feb 5 16:29:39 CET 2007 - ug@suse.de Add better support for RFC-2855 DHCP-over-firewire and RFC -4390 DHCP-over-InfiniBand. A good suggestion from Karl Svec. Some efficiency tweaks to the cache code for very large /etc/hosts files. Should improve reverse (address->name) lookups and garbage collection. Thanks to Jan 'RedBully' Seiffert for input on this. Fix regression in 2.36 which made bogus-nxdomain and DNS caching unreliable. Thanks to Dennis DeDonatis and Jan Seiffert for bug reports. Make DHCP encapsulated vendor-class options sane. Be warned that some conceivable existing configurations using these may break, but they work in a much simpler and more logical way now. Prepending "vendor:<client-id>" to an option encapsulates it in option 43, and the option is sent only if the client-supplied vendor-class substring-matches with the given client-id. Thanks to Dennis DeDonatis for help with this. Apply patch from Jan Seiffert to tidy up tftp.c Add support for overloading the filename and servername fields in DHCP packet. This gives extra option-space when these fields are not being used or with a modern client which supports moving them into options. Added a LIMITS section to the man-page, with guidance on maximum numbers of clients, file sizes and tuning. - version 2.37 ------------------------------------------------------------------- Mon Jan 22 15:20:06 CET 2007 - ug@suse.de - version 2.36 ------------------------------------------------------------------- Mon Oct 30 09:28:53 CET 2006 - ug@suse.de - version 2.35 - better performance on parsing huge /etc/hosts files ------------------------------------------------------------------- Tue Oct 17 09:14:10 CEST 2006 - ug@suse.de - version 2.34 - Tweak network-determination code - Improve handling of high DNS loads - Fixed intermittent infinite loop when re-reading /etc/ethers after SIGHUP - Provide extra information to the lease-change script - Run the lease change script as root - Add contrib/port-forward/* which is a script to set up port-forwards using the DHCP lease-change script - Fix unaligned access problem - Fixed problem with DHCPRELEASE - Updated French translation - Upgraded the name hash function in the DNS cache - Added --clear-on-reload flag - Treat a nameserver address of 0.0.0.0 as "nothing" - Added Webmin module in contrib/webmin ------------------------------------------------------------------- Fri Aug 11 10:17:41 CEST 2006 - ug@suse.de - init-script more LSB conform patch by Matthias Andree ------------------------------------------------------------------- Mon Aug 7 09:10:16 CEST 2006 - ug@suse.de - version 2.33 - Provide extra information to lease-change script - Fix breakage with some DHCP relay implementations - compilation warning fixes - minor DNS and DHCP fixes and enhancements ------------------------------------------------------------------- Mon Jun 12 13:49:39 CEST 2006 - ug@suse.de - version 2.32 ------------------------------------------------------------------- Wed May 17 13:51:37 CEST 2006 - ug@suse.de - version 2.31 ------------------------------------------------------------------- Wed Jan 25 21:35:31 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Mon Jan 23 14:45:47 CET 2006 - ug@suse.de - Fixed crash when attempting to send a DHCP NAK to a host which believes it has a lease on an unknown network. That bug was invented in 2.25 - version 2.26 ------------------------------------------------------------------- Mon Jan 16 12:29:50 CET 2006 - ug@suse.de - moved dnsmasq.no to dnsmasq.np see bug #42748 ------------------------------------------------------------------- Mon Jan 16 10:15:13 CET 2006 - ug@suse.de - version update to 2.25 ------------------------------------------------------------------- Mon Nov 28 11:57:20 CET 2005 - ug@suse.de - version update to 2.24 ------------------------------------------------------------------- Mon Oct 17 14:41:02 CEST 2005 - ug@suse.de - "-fno-strict-aliasing" now ------------------------------------------------------------------- Wed Oct 12 17:02:29 CEST 2005 - ug@suse.de - version update to 2.23 ------------------------------------------------------------------- Wed Aug 24 10:26:55 CEST 2005 - ug@suse.de - Fix DNS query forwarding for empty queries and forward queries even when the recursion-desired bit is clear. This allows "dig +trace" to work Bug #106717 ------------------------------------------------------------------- Fri Aug 5 10:38:00 CEST 2005 - cthiel@suse.de - update to version 2.22 ------------------------------------------------------------------- Wed Apr 13 14:04:44 CEST 2005 - mls@suse.de - fix slp registration ------------------------------------------------------------------- Mon Jan 24 10:56:13 CET 2005 - ug@suse.de - version update from 2.19 to 2.20 - Allow more than one instance of dnsmasq to run on a machine, each providing DHCP service on a different interface - Protect against overlong names and overlong labels in configuration and from DHCP. - Fix interesting corner case in CNAME handling. This occurs when a CNAME has a target which "shadowed" by a name in /etc/hosts or from DHCP - Added support for SRV records - Fixed sign confusion in the vendor-id matching code - Added the ability to match the netid tag in a dhcp-range - Added preference values for MX records - Added the --localise-queries option. ------------------------------------------------------------------- Fri Jan 21 10:33:00 CET 2005 - ug@suse.de - version update to 2.19 - minor fixes in IPV6 and DHCP Code ------------------------------------------------------------------- Fri Nov 26 13:53:00 CET 2004 - ug@suse.de - version update to 2.18 - lots of DHCP fixes - some IPV6 fixes ------------------------------------------------------------------- Fri Nov 19 15:50:11 CET 2004 - ug@suse.de - SLP support via /etc/slp.reg.d/dnsmasq.reg file added ------------------------------------------------------------------- Fri Aug 20 10:52:05 CEST 2004 - ug@suse.de - version update from 2.11 to 2.13 - Added extra checks to ensure that DHCP created DNS entries cannot generate multiple DNS address->name entries. - Don't set the the filterwin2k option in the example config file and add warnings that is breaks Kerberos. - Log types of incoming queries as well as source and domain. - Log NODATA replies generated as a result of the filterwin2k option. ------------------------------------------------------------------- Mon Aug 9 12:12:24 CEST 2004 - ug@suse.de - version update from 2.8 to 2.11 ------------------------------------------------------------------- Tue Jun 1 17:09:51 CEST 2004 - ug@suse.de - chgrp to "dialout" and not to "dip" - backward compatibility turned off ------------------------------------------------------------------- Mon May 24 17:28:52 CEST 2004 - ug@suse.de - added to distribution
