Hello community, here is the log from the commit of package dnsmasq checked in at Mon Jul 14 22:47:22 CEST 2008. -------- --- dnsmasq/dnsmasq.changes 2008-06-19 16:45:02.000000000 +0200 +++ dnsmasq/dnsmasq.changes 2008-07-14 09:47:06.885334000 +0200 @@ -1,0 +2,13 @@ +Mon Jul 14 09:45:15 CEST 2008 - ug@suse.de + +- This release fixes the DNS spoofing vulnerabilities announced in + CERT VU#800113. It adds source port randomization for communication with + upstream nameservers and replaces the C library PRNG with stronger code. It + makes failure to drop root privileges a hard error (previous versions would + log the error and continue, running as root.) Other changes include an + update to avoid triggering Linux kernel messages about an out-of-date + capabilities ABI, support for NAPTR records, and RFC 5107 + server-id-override. +- 2.43 + +------------------------------------------------------------------- Old: ---- dnsmasq-2.42.tar.bz2 New: ---- dnsmasq-2.43.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dnsmasq.spec ++++++ --- /var/tmp/diff_new_pack.J20299/_old 2008-07-14 22:42:36.000000000 +0200 +++ /var/tmp/diff_new_pack.J20299/_new 2008-07-14 22:42:36.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package dnsmasq (Version 2.42) +# spec file for package dnsmasq (Version 2.43) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -13,7 +13,7 @@ Name: dnsmasq Summary: Lightweight, Easy-to-Configure DNS Forwarder and DHCP Server -Version: 2.42 +Version: 2.43 Release: 1 License: GPL v2 or later Group: Productivity/Networking/DNS/Servers @@ -101,6 +101,16 @@ %{_mandir}/es/man8/dnsmasq.8.gz %changelog +* Mon Jul 14 2008 ug@suse.de +- This release fixes the DNS spoofing vulnerabilities announced in + CERT VU#800113. It adds source port randomization for communication with + upstream nameservers and replaces the C library PRNG with stronger code. It + makes failure to drop root privileges a hard error (previous versions would + log the error and continue, running as root.) Other changes include an + update to avoid triggering Linux kernel messages about an out-of-date + capabilities ABI, support for NAPTR records, and RFC 5107 + server-id-override. +- 2.43 * Thu Jun 19 2008 ug@suse.de - running as user dnsmasq now (bnc#401643) * Thu Jun 05 2008 ug@suse.de ++++++ dnsmasq-2.42.tar.bz2 -> dnsmasq-2.43.tar.bz2 ++++++ ++++ 19491 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de