rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Baruch Siach <baruch@tkos.co.il>
	Mon, 2 Oct 2017 17:38:25 +0000 (20:38 +0300)
committer	Peter Korsgaard <peter@korsgaard.com>
	Tue, 17 Oct 2017 08:38:34 +0000 (10:38 +0200)
commit	090f8c24dc2c5f3a788bddb06eb8c67cc2443b46
tree	a9bdb5e556164eca24c8e3c4da2878349cfeca5e	tree \| snapshot
parent	bd9760be5ad8047a5d5caa2ef127fa8c6b3317ba	commit \| diff

dnsmasq: security bump to version 2.78

Supported Lua version is now 5.2.

Add licenses hash.

Fixes a number of security issues:

CVE-2017-13704 - Crash when DNS query exceeded 512 bytes (a regression
in 2.77, so technically not fixed by this bump)

CVE-2017-14491 - Heap overflow in DNS code

CVE-2017-14492 - Heap overflow in IPv6 router advertisement code

CVE-2017-14493 - Stack overflow in DHCPv6 code

CVE-2017-14494 - Information leak in DHCPv6

CVE-2017-14496 - Invalid boundary checks allows a malicious DNS queries
to trigger DoS

CVE-2017-14495 - Out-of-memory Dos vulnerability

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit e77fdc90e320ff38d56d8e5c97fc783e8fbb76bb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dnsmasq/dnsmasq.hash		diff \| blob \| history
package/dnsmasq/dnsmasq.mk		diff \| blob \| history