Your message dated Tue, 05 May 2015 19:47:05 +0000
with message-id <[email protected]>
and subject line Bug#783459: fixed in dnsmasq 2.72-3+deb8u1
has caused the Debian Bug report #783459,
regarding dnsmasq: CVE-2015-3294: crash on receipt of certain malformed DNS
requests
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
783459: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: dnsmasq
Version: 2.62-3
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for dnsmasq.
CVE-2015-3294[0]:
denial of service
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-3294
[1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
[2
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: dnsmasq
Source-Version: 2.72-3+deb8u1
We believe that the bug you reported is fixed in the latest version of
dnsmasq, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated dnsmasq package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 05 May 2015 11:15:01 +0200
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-utils
Architecture: source amd64 all
Version: 2.72-3+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Simon Kelley <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
dnsmasq - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-utils - Utilities for manipulating DHCP leases
Closes: 783459
Changes:
dnsmasq (2.72-3+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2015-3294: denial of service and memory disclosure via malformed
DNS requests (Closes: #783459)
Checksums-Sha1:
82741461aebe48b0721e7ad1781093b16dd5c04c 1890 dnsmasq_2.72-3+deb8u1.dsc
bfb12316ba1601db954a66bbc9c1aa917d9a7871 657779 dnsmasq_2.72.orig.tar.gz
b981656a920eb3ba68b94449169afec9a0a1981d 22594 dnsmasq_2.72-3+deb8u1.diff.gz
a1cb98e3f175f5a01fb33df1049b28f775839b92 15828 dnsmasq_2.72-3+deb8u1_all.deb
Checksums-Sha256:
f5267bd2f073b486a9677a07d33aec2933e273527f1751d915edfdf8d3904923 1890
dnsmasq_2.72-3+deb8u1.dsc
2a122c7eea57ed8fbd63af5de03d9b6f03eaf730dab5dd984adb98ecd8487b37 657779
dnsmasq_2.72.orig.tar.gz
8e300defeffe8e7bc1d355db210544b242835ab4cb7f3a339d43dfd3a09c707d 22594
dnsmasq_2.72-3+deb8u1.diff.gz
198fb357673219759ade204f34660c3a5ff52c2ed5d2afca4433d62a4b5fa3b5 15828
dnsmasq_2.72-3+deb8u1_all.deb
Files:
d3f55b5cfd84e62dd75f7b6f2850150e 1890 net optional dnsmasq_2.72-3+deb8u1.dsc
c84e6544bb2e749e00a017c306722ff0 657779 net optional dnsmasq_2.72.orig.tar.gz
312bea4db5625c5786ac41cbda84f54e 22594 net optional
dnsmasq_2.72-3+deb8u1.diff.gz
1ad8996974ff0fe2e4fc05ab4e51133f 15828 net optional
dnsmasq_2.72-3+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVSI8SAAoJEAVMuPMTQ89EQD8P/iHMpGdRQbt4ioP44pttQq3l
9FSaYY6MeLGTiujmTQNBSKZ+TS//IeDuXyCx6QY3Xfnm/00hFCiBspyZIeOQJMCB
pgw1pYjhCw+bFyAY2MC0v8CvlATtQRcWHZgqs/BKZADFl4nWbPCgrfUyAfkIycMK
lgVrk5Q6YXjvm0UB297xf3cPLQ9OJ1lEFju1a83eT/MCTD8zoy74IxwIgExW8Qi4
BYsxX/V/QyPzYnGeyyY3xKZGCotsBDbe2Od+9SWsjJtrAiXbsEVVDBp5UarBikge
dyKmtxrwvvnY/WTlB1fMIvM0a5BxgbM7uZfmN4bk+pTkrrD0EE2J/l4Zd0XxXXvg
3yaoi/QAMHjDp9YLk1Uqc/aEDhG2hasGM1ar76sBYx4UcTh1Xo5ZLR2vyWvkU6Ge
/+nqTyBrv3mb+RME0/Hll9KNCs2ZQIINe2QH3w+E+dzc2DIgLfR1sRRJC1/Whnq3
yHceIIX5zXH6D2mdDyE8Fz+OwRkbToP8qLGo2G0s6VOvwtsDFRpsI6ZFcn9zcm5k
o2s5crWtmqJRfdlrO42w6JxvdMGNcZNxjo7XoBz+8m/J16mtfrE18EU4ymYwqadM
KvXhGuq5Yz7Y3ZR0g12NvP0WSF3NrdOIquZO7Xbngp8l7wfu/+NAbRxNtCk7mBmu
WYTb8BWbbPHYadHiEeoz
=Rahx
-----END PGP SIGNATURE-----
--- End Message ---
