
The following security updates are available for Debian GNU/Linux 10 Extended LTS:

ELA-1152-1 dnsmasq security update
ELA-1156-1 indent security update




ELA-1152-1 dnsmasq security update

Package : dnsmasq
Version : 2.80-1+deb10u2 (buster)

Related CVEs :
CVE-2019-14834
CVE-2021-3448
CVE-2022-0934
CVE-2023-28450

Multiple vulnerabilities have been fixed in the dnsmasq package, the small caching DNS proxy and DHCP/TFTP server.

CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where a memory leak allows remote attackers to cause a
denial of service (memory consumption) via vectors involving DHCP response creation.

CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network
interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing
port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by
dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to
data integrity.

CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends
a crafted packet processed by dnsmasq to potentially cause a denial of service.

CVE-2023-28450
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but
should be 1232 because of DNS Flag Day 2020.
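
The two configuration-dependent issues above (CVE-2021-3448 and CVE-2023-28450) can be checked for in a dnsmasq configuration file. The following is an added example, not part of the advisory or of dnsmasq: the function name and the sample configuration are constructed for illustration, only `server=` and `edns-packet-max=` lines are examined, and the installed package version is not checked.

```python
import re

FLAG_DAY_MAX = 1232  # EDNS.0 UDP size the advisory says should be the default

# Constructed sample configuration, for illustration only.
SAMPLE_CONF = """\
# upstream resolvers
server=192.0.2.53#5353
server=/corp.example/198.51.100.7@eth1
edns-packet-max=4096
#server=203.0.113.9@eth0
"""

def audit_dnsmasq_conf(text):
    """Return (line_no, cve, message) findings; line_no 0 means 'whole file'."""
    findings, edns_set = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        # Assumption: '#' starts a comment only at line start or after
        # whitespace; elsewhere it is the port separator (192.0.2.53#5353).
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "server" and "@" in value:
            # Upstream server tied to an interface (or source address):
            # the configuration CVE-2021-3448 describes.
            findings.append((no, "CVE-2021-3448",
                             f"server bound with '@': {value}"))
        elif key == "edns-packet-max":
            edns_set = True
            if value.isdigit() and int(value) > FLAG_DAY_MAX:
                findings.append((no, "CVE-2023-28450",
                                 f"edns-packet-max={value} exceeds {FLAG_DAY_MAX}"))
    if not edns_set:
        # No explicit setting: the built-in default of the installed version applies.
        findings.append((0, "CVE-2023-28450",
                         "edns-packet-max unset: built-in default applies"))
    return findings

if __name__ == "__main__":
    for no, cve, msg in audit_dnsmasq_conf(SAMPLE_CONF):
        print(f"line {no}: {cve}: {msg}")
```

A finding for CVE-2021-3448 only means the affected configuration style is in use; whether the host is exposed depends on the installed dnsmasq version.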



ELA-1156-1 indent security update

Package : indent
Version : 2.2.12-1+deb11u1~deb10u1 (buster)

Related CVEs :
CVE-2023-40305
CVE-2024-0911

Multiple issues have been fixed in GNU indent, a C source code formatter.
