Your message dated Tue, 05 May 2015 19:47:28 +0000
with message-id <[email protected]>
and subject line Bug#783459: fixed in dnsmasq 2.62-3+deb7u2
has caused the Debian Bug report #783459,
regarding dnsmasq: CVE-2015-3294: crash on receipt of certain malformed DNS
requests
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
783459: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: dnsmasq
Version: 2.62-3
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for dnsmasq.
CVE-2015-3294[0]:
denial of service
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-3294
[1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
[2
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: dnsmasq
Source-Version: 2.62-3+deb7u2
We believe that the bug you reported is fixed in the latest version of
dnsmasq, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated dnsmasq package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 05 May 2015 12:50:41 +0200
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-utils
Architecture: source amd64 all
Version: 2.62-3+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Simon Kelley <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
dnsmasq - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-utils - Utilities for manipulating DHCP leases
Closes: 783459
Changes:
dnsmasq (2.62-3+deb7u2) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2015-3294: denial of service and memory disclosure via malformed
DNS requests (Closes: #783459)
Checksums-Sha1:
e26fc306c16e6dae1948f7f61478a598309051fd 1801 dnsmasq_2.62-3+deb7u2.dsc
ed162c51580af7f505d29a23bafd0662ac79b711 532080 dnsmasq_2.62.orig.tar.gz
7c0384015423a73d0fd859ecbb57f36992ed5674 21067 dnsmasq_2.62-3+deb7u2.diff.gz
eec3a98d975514a66f1cc2d6afb94707cd1b6d99 370346
dnsmasq-base_2.62-3+deb7u2_amd64.deb
dc2b7f1acbf03f4304ba4c0a3c416e0c9a71bdff 18762
dnsmasq-utils_2.62-3+deb7u2_amd64.deb
6210479a11aba422eafe48eedffbcfa389201cad 16310 dnsmasq_2.62-3+deb7u2_all.deb
Checksums-Sha256:
40da7fd3a0d35513c8ac6688110684d476bc28e1bebd390f20dde7378b117f29 1801
dnsmasq_2.62-3+deb7u2.dsc
beab9f91739d05799c838a02110fea613ff10bbf14bf794543854141dff01f97 532080
dnsmasq_2.62.orig.tar.gz
7f5eafd8b4f081221cbd61f521c74198e50a1a490a6183e6f8490b172ffa37d2 21067
dnsmasq_2.62-3+deb7u2.diff.gz
b6bdcd710b6a629b785ca8ac3f410acf7d4f187894a8c199d104d546bdb64cd6 370346
dnsmasq-base_2.62-3+deb7u2_amd64.deb
afca28194c182e5d65bdb870c50886dc1bac5d0c73613de301a0276f360611d9 18762
dnsmasq-utils_2.62-3+deb7u2_amd64.deb
6ae40ccb3f35b0ee27d597a756b9f2b352400ececa32476854e5fcd8d45ee7cd 16310
dnsmasq_2.62-3+deb7u2_all.deb
Files:
27cedacdf3799dcd797f745df866ef11 1801 net optional dnsmasq_2.62-3+deb7u2.dsc
0c7210ab1059021e703c84086705ab56 532080 net optional dnsmasq_2.62.orig.tar.gz
815c597f6552f4e590978fdeb616565e 21067 net optional
dnsmasq_2.62-3+deb7u2.diff.gz
0c5ef96558f2e3707dbb05c5b8c134c6 370346 net optional
dnsmasq-base_2.62-3+deb7u2_amd64.deb
2d9c58d70807d4be3880f8bb99e7ae18 18762 net optional
dnsmasq-utils_2.62-3+deb7u2_amd64.deb
c996f359b18d02df89c118c5d7e7fe42 16310 net optional
dnsmasq_2.62-3+deb7u2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVSKEUAAoJEAVMuPMTQ89EfcMP/3pG1bPqAZPS+olcivy61pRX
l28F08gUS47knEiT4MFIHX3vzQ+XNurtigoAATkSkqLn2D9YVVS114ueWGlh3P/d
0OdzJB77UZcWK7MFkA24aCfqbydMITtPw84YFQSVfiBfMqProQugYGor6PxAz4y1
oT4a5ay0CKWt/AcKmJ0LlK2fhvev+bsabmI3pDftuWyfQa6huzI9WiM4UKm5UXXZ
KMtFXNv+r0qAH7VauZcFFldckpSVFap0Nx6xanF/OUIdSSU8DZwyLnK/4MHARjKY
k6rZFgRSbPUenBnVsy2YFSJEeROVYCNTdLsJRSQKIcxf6ysTWaqRS42uDm0q86rI
+PfGmpwpD5B1qdqFar96vQNVC4mbxEVB7Ogbluq/lyt2YdeepX4s2PnjLmL6dgsW
DK//UUaqCZaMEdunZ1+0pb9ac2lzTlh/MBEes97bTeJZ+3olRQ/L1thB9aQdihiu
Pda4CB0wpJJaB/vZZCJ+yTmSroT1G1TIki1x/xnfG69mYGktA9UMxpXtTLK4G8yn
pSr5lKk3AeZN5FNQYfEyoXwHlBEPQf0Va6npOB7+UaGVC7xUqRfbas0LLX9UlLGZ
ITV9jZOhN1qk8vU01E9bRKDuvykcYJXwUM6H6edSImUivDJpvbVSzNbXWAvwHP25
w1radAqIc954Bv3jIH01
=ynhu
-----END PGP SIGNATURE-----
--- End Message ---
