1 From 0df29f5e23fd2f16181847db1fcf3a8b392d869a Mon Sep 17 00:00:00 2001
2 From: Simon Kelley <simon@thekelleys.org.uk>
3 Date: Thu, 16 Apr 2015 15:24:52 +0100
4 Subject: [PATCH 077/113] Note CVE-2015-3294
8 1 file changed, 3 insertions(+)
10 diff --git a/CHANGELOG b/CHANGELOG
11 index 0619788e9cef..7f2b1e002e9e 100644
14 @@ -84,6 +84,9 @@ version 2.73
16 Fix crash on receipt of certain malformed DNS requests.
17 Thanks to Nick Sampanis for spotting the problem.
18 + Note that this is could allow the dnsmasq process's
19 + memory to be read by an attacker under certain
20 + circumstances, so it has a CVE, CVE-2015-3294
22 Fix crash in authoritative DNS code, if a .arpa zone
23 is declared as authoritative, and then a PTR query which