Ubuntu 6586 Published by

A Dnsmasq security update has been released for Ubuntu Linux 14.04 ESM, 16.04 ESM, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 22.10.



USN-6034-1: Dnsmasq vulnerability


==========================================================================
Ubuntu Security Notice USN-6034-1
April 20, 2023

dnsmasq vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Dnsmasq could cause transmission reliability issues when
sending large DNS messages.

Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

It was discovered that Dnsmasq was sending large DNS messages
over UDP, possibly causing transmission failures due to IP
fragmentation. This update lowers the default maximum size of
DNS messages to improve transmission reliability over UDP.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
dnsmasq-base 2.86-1.1ubuntu2.1

Ubuntu 22.04 LTS:
dnsmasq-base 2.86-1.1ubuntu0.3

Ubuntu 20.04 LTS:
dnsmasq-base 2.80-1.1ubuntu1.7

Ubuntu 18.04 LTS:
dnsmasq-base 2.79-1ubuntu0.7

Ubuntu 16.04 ESM:
dnsmasq-base 2.79-1ubuntu0.16.04.1+esm2

Ubuntu 14.04 ESM:
dnsmasq-base 2.68-1ubuntu0.2+esm2

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6034-1
CVE-2023-28450

Package Information:
https://launchpad.net/ubuntu/+source/dnsmasq/2.86-1.1ubuntu2.1
https://launchpad.net/ubuntu/+source/dnsmasq/2.86-1.1ubuntu0.3
https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.7
https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.7