Accepted dnsmasq 2.76-5+deb9u3 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 20 Mar 2021 15:14:01 +0100
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-utils
Architecture: source
Version: 2.76-5+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Simon Kelley <simon@thekelleys.org.uk>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
dnsmasq - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server
dnsmasq-utils - Utilities for manipulating DHCP leases
Changes:
dnsmasq (2.76-5+deb9u3) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: a
heap-based buffer overflow was discovered in dnsmasq when DNSSEC is
enabled. All are fixed with the same patch.
* CVE-2020-25684: allows an off-path (non-MITM) attacker to attempt a
DNS Cache Poisoning attack. If chained with CVE-2020-25685 or
CVE-2020-25686, the attack complexity of a successful attack is
reduced. (CVE-2020-25685 and CVE-2020-25686 are not fixed in this
version, see security-tracker.debian.org.)
Checksums-Sha1:
afe6a5d6ea458035bf392a5a5f6c4cda22c351c4 1904 dnsmasq_2.76-5+deb9u3.dsc
77b3c453fa68ee74c83897e940af26a07c6630fc 31454 dnsmasq_2.76-5+deb9u3.diff.gz
84610637afcdf7156eeb6294a864302c743c43ac 5693 dnsmasq_2.76-5+deb9u3_amd64.buildinfo
Checksums-Sha256:
6bc76314a9e8dbbdd13bcd383faae883010612d34c16f6ef1e3e799cef0013a2 1904 dnsmasq_2.76-5+deb9u3.dsc
3423778379fb96b3a1ad4847d15d6f5e3824b60a80d49d2143083f5f64bb2913 31454 dnsmasq_2.76-5+deb9u3.diff.gz
8c8a8579fbb86e6a45d550cd39b90320056966f164f96561f2328cf1e58df485 5693 dnsmasq_2.76-5+deb9u3_amd64.buildinfo
Files:
2f8429b6c5d6666a40cc8582cf1576d6 1904 net optional dnsmasq_2.76-5+deb9u3.dsc
e741fecb318309b6bf9e6e3531087657 31454 net optional dnsmasq_2.76-5+deb9u3.diff.gz
1afdf7bb38767324141cbaee4b4b3b1e 5693 net optional dnsmasq_2.76-5+deb9u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmBY2sEACgkQDTl9HeUl
XjDIEA//UJwwkIrY8N9JsBVAiYTRhXRQhJ005sgcVvSspAkZ8nE5b6/jusg9lZwH
gFPxzbiSp/0R2xWXlOgk5kWabPZPFegkshiwekWQeTDVzUb9Ow320Pkf/jzwtyry
K/vBkh1w4qzwyxsThx1caaqT490V/qDHXRthC+h2f8EsAn6siG3IRTYo3ueQ4SJB
B1wbFNcB47CFaUDSkKgRJK8bh4/YY5qeLLJPaKciZD5FVDbU+9fFstkpzfEnXIa3
L6iP5XqGB7zxIBfvSR+KUB19xyGhAiYx0zNpIG/sqosXqhX7fh12tTCMIapwLDiY
qlXrAzdesQGNreGuaS6PntqZaaq4cTAYRSWlVwNqMOwEDXaP8iQ9Lt1wA+Saob/l
Y08nimJtXLZpMyv9undA27BhZp/wxWndk8pK40GufEbMldl7zIqEleX/dxRa28xT
5AuSthLUHgN77y4cBNLDE1mrIihIxtLQ97JHtykhIl5BcCTb8HFWh9N+4rNgQiOj
V9RdC26muH2d+nY5/XWQmwEcgEVqVlWDRwhNYZtJfwnPMSgsg3QrOhi/FzapGOYv
7yEUsTGHNMagDe2h9BWqMeWBPRYqd+gVhqHmd3nXfjkJsuhQkQna3b9bbCxtAj3j
83l/4yH6VykJHLnq0PLWWv+9pzOy3LVOcgYIyNCrD5HgywBSX9Q=
=gwEp
-----END PGP SIGNATURE-----