[ubuntu/questing-updates] dnsmasq 2.91-1ubuntu0.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue May 12 08:28:37 UTC 2026
dnsmasq (2.91-1ubuntu0.2) questing-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow on malicious caches in DNS
forwarding.
- debian/patches/CVE-2026-2291.patch: Expand char name size in
src/dnsmasq.h.
- CVE-2026-2291
* SECURITY UPDATE: NSEC bitmap parsing infinite loop
- debian/patches/CVE-2026-4890.patch: Correct erroneous iteration index
in src/dnssec.c
- CVE-2026-4890
* SECURITY UPDATE: Unbounded length field in RRSIG packets.
- debian/patches/CVE-2026-4891.patch: Validate rdlen in src/dnssec.c
- CVE-2026-4891
* SECURITY UPDATE: Buffer overflow in create_helper
- debian/patches/CVE-2026-4892.patch: Add upper bound to for loop in
src/helper.c
- CVE-2026-4892
* SECURITY UPDATE: Erroneous client subnet validation
- debian/patches/CVE-2026-4893.patch: Fixed length passed to check_source
in src/forward.c
- CVE-2026-4893
* SECURITY UPDATE: Buffer overflow in extract_addresses.
- debian/patches/CVE-2026-5172.patch: Check index after extracting name
in src/rfc1035.c
- CVE-2026-5172
Date: 2026-05-05 20:41:44.899309+00:00
Changed-By: Kyle Kernick <kyle.kernick at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/dnsmasq/2.91-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list