Information on source package dnsmasq

Available versions

ReleaseVersion
stretch2.76-5+deb9u2
stretch (security)2.76-5+deb9u3
buster2.80-1+deb10u1
bullseye2.85-1
bookworm2.85-1
sid2.86-1

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-3448vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)fixedfixedfixedA flaw was found in dnsmasq in versions before 2.85. When configured t ...
CVE-2020-25686vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in dnsmasq before version 2.83. When receiving a quer ...
CVE-2020-25685vulnerable (no DSA, ignored)fixedfixedfixedfixedA flaw was found in dnsmasq before version 2.83. When getting a reply ...
CVE-2019-14834vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in dnsmasq before version 2.81, where the me ...
CVE-2017-15107vulnerable (no DSA)fixedfixedfixedfixedA vulnerability was found in the implementation of DNSSEC in Dnsmasq u ...

Resolved issues

BugDescription
CVE-2020-25687A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-25684A flaw was found in dnsmasq before version 2.83. When getting a reply ...
CVE-2020-25683A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-25682A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...
CVE-2020-25681A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-14312A flaw was found in the default configuration of dnsmasq, as shipped w ...
CVE-2019-14513Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...
CVE-2017-14496Integer underflow in the add_pseudoheader function in dnsmasq before 2 ...
CVE-2017-14495Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id o ...
CVE-2017-14494dnsmasq before 2.78, when configured as a relay, allows remote attacke ...
CVE-2017-14493Stack-based buffer overflow in dnsmasq before 2.78 allows remote attac ...
CVE-2017-14492Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...
CVE-2017-14491Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...
CVE-2017-13704In dnsmasq before 2.78, if the DNS packet size does not match the expe ...
CVE-2015-8899Dnsmasq before 2.76 allows remote servers to cause a denial of service ...
CVE-2015-3294The tcp_request function in Dnsmasq before 2.73rc4 does not properly h ...
CVE-2013-0198Dnsmasq before 2.66test2, when used with certain libvirt configuration ...
CVE-2012-3411Dnsmasq before 2.63test1, when used with certain libvirt configuration ...
CVE-2009-2958The tftp_request function in tftp.c in dnsmasq before 2.50, when --ena ...
CVE-2009-2957Heap-based buffer overflow in the tftp_request function in tftp.c in d ...
CVE-2008-3350dnsmasq 2.43 allows remote attackers to cause a denial of service (dae ...
CVE-2008-3214dnsmasq 2.25 allows remote attackers to cause a denial of service (dae ...
CVE-2008-1447The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...
CVE-2006-2017Dnsmasq 2.29 allows remote attackers to cause a denial of service (app ...
CVE-2005-0877Dnsmasq before 2.21 allows remote attackers to poison the DNS cache vi ...
CVE-2005-0876Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...

Security announcements

DSA / DLADescription
DLA-2604-1dnsmasq - security update
DSA-4844-1dnsmasq - security update
DLA-1921-1dnsmasq - security update
DLA-1532-1dnsmasq - update
DLA-1435-1dnsmasq - regression update
DLA-1124-1dnsmasq - security update
DSA-3989-1dnsmasq - security update
DLA-225-1dnsmasq - security update
DSA-3251-1dnsmasq - security update
DSA-1876-1dnsmasq - remote code execution
DSA-1623-1dnsmasq - cache poisoning

Search for package or bug name: Reporting problems