[ubuntu/resolute-security] dnsmasq 2.92-1ubuntu0.2 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Tue May 12 07:54:34 UTC 2026
dnsmasq (2.92-1ubuntu0.2) resolute-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow on malicious caches in DNS
forwarding.
- debian/patches/CVE-2026-2291.patch: Expand char name size in
src/dnsmasq.h.
- CVE-2026-2291
* SECURITY UPDATE: NSEC bitmap parsing infinite loop
- debian/patches/CVE-2026-4890.patch: Correct erroneous iteration index
in src/dnssec.c
- CVE-2026-4890
* SECURITY UPDATE: Unbounded length field in RRSIG packets.
- debian/patches/CVE-2026-4891.patch: Validate rdlen in src/dnssec.c
- CVE-2026-4891
* SECURITY UPDATE: Buffer overflow in create_helper
- debian/patches/CVE-2026-4892.patch: Add upper bound to for loop in
src/helper.c
- CVE-2026-4892
* SECURITY UPDATE: Erroneous client subnet validation
- debian/patches/CVE-2026-4893.patch: Fixed length passed to check_source
in src/forward.c
- CVE-2026-4893
* SECURITY UPDATE: Buffer overflow in extract_addresses.
- debian/patches/CVE-2026-5172.patch: Check index after extracting name
in src/rfc1035.c
- CVE-2026-5172
Date: 2026-05-05 20:41:39.618962+00:00
Changed-By: Kyle Kernick <kyle.kernick at canonical.com>
Signed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/dnsmasq/2.92-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Resolute-changes
mailing list