aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2021-09-10 15:16:48 -0700
committerArmin Kuster <akuster@mvista.com>2021-09-10 15:16:48 -0700
commit2e7e98cd0cb82db214b13224c71134b9335a719b (patch)
tree758e6fa5bef92a11521ea0a07b06ea40ab01887d /meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
parent06d80777f47891ec876b55212790deb5fef9116e (diff)
downloadmeta-openembedded-2e7e98cd0cb82db214b13224c71134b9335a719b.tar.gz
meta-openembedded-2e7e98cd0cb82db214b13224c71134b9335a719b.tar.bz2
meta-openembedded-2e7e98cd0cb82db214b13224c71134b9335a719b.zip
dnsmasq: Security fix CVE-2021-3448
Source: https://thekelleys.org.uk/dnsmasq.git MR: 110238 Type: Security Fix Disposition: Backport from https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=74d4fcd756a85bc1823232ea74334f7ccfb9d5d2 ChangeID: 3365bcc47b0467b487f14fc6bfad89bc560cd818 Description: A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. Signed-off-by: Armin Kuster <akuster@mvista.com>
Diffstat (limited to 'meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb')
-rw-r--r--meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
index a1dc0f3a0..2fb389915 100644
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
+++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb
@@ -10,4 +10,5 @@ SRC_URI += "\
file://CVE-2020-25685-2.patch \
file://CVE-2020-25686-1.patch \
file://CVE-2020-25686-2.patch \
+ file://CVE-2021-3448.patch \
"