Your message dated Sun, 10 May 2015 15:34:35 +0000 with message-id <e1yrtft-00025c...@franck.debian.org> and subject line Bug#783459: fixed in dnsmasq 2.72-3.1 has caused the Debian Bug report #783459, regarding dnsmasq: CVE-2015-3294: crash on receipt of certain malformed DNS requests to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 783459: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: dnsmasq Version: 2.62-3 Severity: important Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for dnsmasq. CVE-2015-3294[0]: denial of service If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-3294 [1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html [2 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: dnsmasq Source-Version: 2.72-3.1 We believe that the bug you reported is fixed in the latest version of dnsmasq, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 783...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated dnsmasq package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 May 2015 16:09:06 +0200 Source: dnsmasq Binary: dnsmasq dnsmasq-base dnsmasq-utils Architecture: source amd64 all Version: 2.72-3.1 Distribution: unstable Urgency: medium Maintainer: Simon Kelley <si...@thekelleys.org.uk> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: dnsmasq - Small caching DNS proxy and DHCP/TFTP server dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server dnsmasq-utils - Utilities for manipulating DHCP leases Closes: 783459 Changes: dnsmasq (2.72-3.1) unstable; urgency=medium . * Non-maintainer upload. * CVE-2015-3294: denial of service and memory disclosure via malformed DNS requests (Closes: #783459) Checksums-Sha1: 8045ad6e1e7a5ed62d49e1cdd6d672fac3510f91 1870 dnsmasq_2.72-3.1.dsc 9d91746819db9cc5be6d38cfaac019ad71282eb3 22564 dnsmasq_2.72-3.1.diff.gz 442e05be419f6db0eff427d6d148e71e67d13dec 15826 dnsmasq_2.72-3.1_all.deb Checksums-Sha256: fb7c4908f74b3b562bd0f8f32dfffb1442bb8b153045d3d097adda00d1b93a85 1870 dnsmasq_2.72-3.1.dsc a496547fbee634bbaabc5603085d162c4d1806a4100de17015654320bf0faf29 22564 dnsmasq_2.72-3.1.diff.gz 23aef43e12dac76aef496b23d8b7adfc601986f5e3e35b9b9f27fe14eec39db0 15826 dnsmasq_2.72-3.1_all.deb Files: 6ea739f5671e088b3496716c6b544e21 1870 net optional dnsmasq_2.72-3.1.dsc b24cdd4682f8bf674f83df528b86f7b0 22564 net optional dnsmasq_2.72-3.1.diff.gz 0904344ab96e82e4566ceb79f63096dd 15826 net optional dnsmasq_2.72-3.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVSM/QAAoJEAVMuPMTQ89EyzUP/3/CT+w0Xz9p6WUovzvPT4Yf 2NmfrPMZ4KyKbvyhqx2L5a+zPwHK7vD93ddWW5+1YTAHYaoybKGIv7hYIplXJ3YF l6wcspDKoRMDT3nXP6SNeonbn1YUhedde67in0+F71kTNoKddz1bFtJaCcmr3eAu NxwKGD5IEOmFendyuELVZudKPnlCcTi86aTfBAz7ne4V11Q8jJs4IoQV3LvriSXc 9e7ZmmYuQ+XdXgHy+yOkdEmTAQa1b0UT6aNy4suTjqUdYxNWkYCvfn7Lr9ubiSTD 0EMs+OH7nJ7EKPlFLH1uOy+7Ocwh6PnxaxCpIwma1nNj1yP4eLwcult8JzfY17jM qncUqA/lDuwzELoCvXpRAF2bTPqPh1wwI9iLAmiroStlMJWdgMjCuuMvGgLkGN4J OWYm5mCe6Rb0b8i472QFaI0OglATrxAmGByE7prxyQyQ1qOys5lM6rGi70vaVPsq ZV985aykCFIq/7GUaOMuX4eziMFhroZ1D+LS/HNSH2MG5dWlvg+lF7gQxV8OfupP UXfoAptrQgyw8wdLTpdF1w2SBzAUjgr6Ktb6eq1PkB22iR2yfuQK/77tjjEunbzY B8txkG+0EwmaIz9TB1k3UIBXcv6FAZNsKslBXxXS3AzCvTEptQK1KpsBNmRSnx5k I7tucQ32UjIoyv+UZhwP =UGDo -----END PGP SIGNATURE-----
--- End Message ---
