Control: clone -1 -2
Control: retitle -2 dnsmasq: Wheezy regression caused by 
CVE-2015-3294/2.62-3+deb7u2 w/ bind-interfaces
Control: found -2 2.62-3+deb7u2

Cloning this as new bugreport to handle the regression introduced.

On Wed, May 06, 2015 at 03:32:25PM +0100, Simon Kelley wrote:
> Salvatore.
> 
> The problem occurs if the dnsmasq binary is compiled against libc
> headers which #define SO_REUSEPORT and then run on a kernel which
> doesn't support that option. I guess the security builds have picked up
> SO_REUSEPORT from a libc backport.
> 
> The fix applied at the time was:
> 
> http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=56a1142f033234e3ee3b6361e9a1bcdbe606f816
> 
> 
> Cheers,
> 
> Simon.
> 
> 
> 
> On 06/05/15 15:16, Salvatore Bonaccorso wrote:
> > Hi Ian and Luca,
> > 
> > On Wed, May 06, 2015 at 12:59:03PM +0200, Luca Olivetti wrote:
> >> On Wed, 06 May 2015 11:30:35 +0100 Ian Campbell <[email protected]> wrote:
> >>
> >>
> >>> I've just noticed that running kernel on the machine is 3.2.57-3+deb7u1
> >>> which is quite out of date wrt point releases etc. Looking at the
> >>> changelog there have been dozens of stable update fixes, one of which
> >>> might be relevant here.
> >>>
> >>> I'll reboot when I get home and see if perhaps that fixes the issue.
> >>
> >> I have the same problem, but my machine uses 3.2.68:
> >>
> >>
> >> #uname 
> >> -ahttp://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=56a1142f033234e3ee3b6361e9a1bcdbe606f816
> >> Linux lacie 3.2.0-4-kirkwood #1 Debian 3.2.68-1+deb7u1 armv5tel GNU/Linux
> >>
> >>
> >> I had to comment the "bind-interfaces" line from /etc/dnsmasq.conf in
> >> order to make it start.
> > 
> > Thanks to both for feedback. Might it be a problem with the armel
> > build?  If you look at the build log (which I have uploaded to [1]) on
> > the armel chroot to build the package on the buildd there installed
> > linux-libc-dev which is not from stable but from backports, and indeed
> > for linux >= 3.9. Thus the armel build will have (dhcp.c):
> > 
> > [...]
> >       int rc = setsockopt(fd, 1, 15, &oneopt, sizeof(oneopt));
> > 
> >       if (rc == -1)
> >  die(dcgettext (((void *)0), "failed to set SO_REUSE{ADDR|PORT} on DHCP 
> > socket: %s", __LC_MESSAGES), ((void *)0), 2);
> >     }
> > [...]
> > 
> > Could either of you try to rebuild dnsmasq in a clean chroot and see
> > if the problem resolves? That the buildd have 3.14.13-2~bpo70+1
> > installed is odd and should not be.
> > 
> >  [1] 
> > https://people.debian.org/~carnil/tmp/dnsmasq/dnsmasq_2.62-3+deb7u2_armel-20150505-1143.gz
> >  [2] https://lwn.net/Articles/542629/
> > 
> > Regards,
> > Salvatore
> > 


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to