Security update for dnsmasq (important)

ID SUSE-SU-2017:2619-1
Type suse
Reporter Suse
Modified 2017-10-02T21:11:28


This update for dnsmasq fixes the following security issues:

  • CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
  • CVE-2017-14492: heap based overflow. [bsc#1060355]
  • CVE-2017-14493: stack based overflow. [bsc#1060360]
  • CVE-2017-14494: DHCP - info leak. [bsc#1060361]
  • CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
  • CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]

This update brings a (small) potential incompatibility in the handling of "basename" in --pxe-service. Please read the CHANGELOG and the documentation if you are using this option.