Debian 10261 Published by

A dnsmasq security update has been released for Debian GNU/Linux 8 Extended to address several vulnerabilities that could result in denial of service, cache poisoning or the execution of arbitrary code.



ELA-389-1 dnsmasq security update

Package dnsmasq
Version 2.72-3+deb8u6
Related CVEs CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25687

Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.

For Debian 8 jessie, these problems have been fixed in version 2.72-3+deb8u6.

We recommend that you upgrade your dnsmasq packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-389-1 dnsmasq security update