src/patches/dnsmasq/0077-Note-CVE-2015-3294.patch

   1 From 0df29f5e23fd2f16181847db1fcf3a8b392d869a Mon Sep 17 00:00:00 2001
   2 From: Simon Kelley <simon@thekelleys.org.uk>
   3 Date: Thu, 16 Apr 2015 15:24:52 +0100
   4 Subject: [PATCH 77/78] Note CVE-2015-3294
   5
   6 ---
   7  CHANGELOG | 3 +++
   8  1 file changed, 3 insertions(+)
   9
  10 diff --git a/CHANGELOG b/CHANGELOG
  11 index 0619788e9cef..7f2b1e002e9e 100644
  12 --- a/CHANGELOG
  13 +++ b/CHANGELOG
  14 @@ -84,6 +84,9 @@ version 2.73
  15
  16             Fix crash on receipt of certain malformed DNS requests.
  17             Thanks to Nick Sampanis for spotting the problem.
  18 +           Note that this is could allow the dnsmasq process's
  19 +           memory to be read by an attacker under certain
  20 +           circumstances, so it has a CVE, CVE-2015-3294
  21
  22              Fix crash in authoritative DNS code, if a .arpa zone
  23             is declared as authoritative, and then a PTR query which
  24 --
  25 2.1.0
  26