Reviewed: https://review.opendev.org/c/openstack/neutron/+/806750 Committed: https://opendev.org/openstack/neutron/commit/6ac5bc583787b7af6273d5344fcbeef69a48e2e3 Submitter: "Zuul (22348)" Branch: stable/ussuri
commit 6ac5bc583787b7af6273d5344fcbeef69a48e2e3 Author: Slawek Kaplonski <[email protected]> Date: Mon Aug 23 13:01:37 2021 +0200 Remove dhcp_extra_opt value after first newline character Passing newline to the dnsmasq may cause security issues, especially that in case of Neutron that dhcp options' values are controlled by cloud users. This patch removes everything what is after first newline character in the dhcp_extra_opt's values before passing them to dnsmasq. Closes-Bug: #1939733 Change-Id: Ifeaf258f0b5ea86f25620ac4116d618980a7272e (cherry picked from commit df891f0593d234e01f27d7c0376d9702e178ecfb) ** Changed in: cloud-archive/ussuri Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1939733 Title: [OSSA-2021-005] Arbitrary dnsmasq reconfiguration via extra_dhcp_opts (CVE-2021-40085) To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1939733/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
