SUSE-SU-2021:0166-1

UNKNOWN

Security update for dnsmasq

Published Jan 19, 2021

Modified 5 years ago

Fix available

Details

This update for dnsmasq fixes the following issues:

bsc#1177077: Fixed DNSpooq vulnerabilities
CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks.
CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when DNSSEC is enabled.
Retry query to other servers on receipt of SERVFAIL rcode (bsc#1176076)

Affected Packages

dnsmasq

SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCL

Fixed in:

2.78-18.15.1

dnsmasq-utils

SUSE HPE Helion OpenStack 8SUSE OpenStack Cloud 7SUSE OpenStack Cloud 8SUSE OpenStack Cloud 9SUSE OpenStack Cloud Crowbar 8

Fixed in:

2.78-18.15.1

References

REPORT

https://bugzilla.suse.com/1176076

REPORT

https://bugzilla.suse.com/1177077

WEB