Information on source package dnsmasq

Available versions

ReleaseVersion
jessie2.72-3+deb8u7
stretch2.76-5+deb9u4
stretch (security)2.76-5+deb9u3
buster2.80-1+deb10u2
buster (security)2.80-1+deb10u1
bullseye2.85-1
bookworm2.89-1
trixie2.90-4
sid2.90-4

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-50868vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)fixedfixedThe Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...
CVE-2023-50387vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)fixedfixedCertain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...
CVE-2023-28450fixedfixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in Dnsmasq before 2.90. The default maximum ED ...
CVE-2022-0934fixedfixedfixedvulnerable (no DSA)fixedfixedfixedA single-byte, non-arbitrary write/use-after-free flaw was found in dn ...
CVE-2021-3448vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedA flaw was found in dnsmasq in versions before 2.85. When configured t ...
CVE-2020-25686vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedA flaw was found in dnsmasq before version 2.83. When receiving a quer ...
CVE-2020-25685vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedA flaw was found in dnsmasq before version 2.83. When getting a reply ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-49441vulnerablevulnerablevulnerablevulnerablevulnerablefixedfixeddnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
CVE-2021-45957vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...
CVE-2021-45956vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ...
CVE-2021-45955vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ...
CVE-2021-45954vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...
CVE-2021-45953vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...
CVE-2021-45952vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ...
CVE-2021-45951vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ...

Resolved issues

BugDescription
CVE-2020-25687A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-25684A flaw was found in dnsmasq before version 2.83. When getting a reply ...
CVE-2020-25683A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-25682A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...
CVE-2020-25681A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
CVE-2020-14312A flaw was found in the default configuration of dnsmasq, as shipped w ...
CVE-2019-14834A vulnerability was found in dnsmasq before version 2.81, where the me ...
CVE-2019-14513Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...
CVE-2017-15107A vulnerability was found in the implementation of DNSSEC in Dnsmasq u ...
CVE-2017-14496Integer underflow in the add_pseudoheader function in dnsmasq before 2 ...
CVE-2017-14495Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id o ...
CVE-2017-14494dnsmasq before 2.78, when configured as a relay, allows remote attacke ...
CVE-2017-14493Stack-based buffer overflow in dnsmasq before 2.78 allows remote attac ...
CVE-2017-14492Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...
CVE-2017-14491Heap-based buffer overflow in dnsmasq before 2.78 allows remote attack ...
CVE-2017-13704In dnsmasq before 2.78, if the DNS packet size does not match the expe ...
CVE-2015-8899Dnsmasq before 2.76 allows remote servers to cause a denial of service ...
CVE-2015-3294The tcp_request function in Dnsmasq before 2.73rc4 does not properly h ...
CVE-2013-0198Dnsmasq before 2.66test2, when used with certain libvirt configuration ...
CVE-2012-3411Dnsmasq before 2.63test1, when used with certain libvirt configuration ...
CVE-2009-2958The tftp_request function in tftp.c in dnsmasq before 2.50, when --ena ...
CVE-2009-2957Heap-based buffer overflow in the tftp_request function in tftp.c in d ...
CVE-2008-3350dnsmasq 2.43 allows remote attackers to cause a denial of service (dae ...
CVE-2008-3214dnsmasq 2.25 allows remote attackers to cause a denial of service (dae ...
CVE-2008-1447The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...
CVE-2006-2017Dnsmasq 2.29 allows remote attackers to cause a denial of service (app ...
CVE-2005-0877Dnsmasq before 2.21 allows remote attackers to poison the DNS cache vi ...
CVE-2005-0876Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers ...

Security announcements

DSA / DLADescription
ELA-1152-1dnsmasq - security update
ELA-828-1dnsmasq - security update
DLA-2604-1dnsmasq - security update
ELA-389-1dnsmasq - security update
DSA-4844-1dnsmasq - security update
DLA-1921-1dnsmasq - security update
DLA-1532-1dnsmasq - update
DLA-1435-1dnsmasq - regression update
DLA-1124-1dnsmasq - security update
DSA-3989-1dnsmasq - security update
DLA-225-1dnsmasq - security update
DSA-3251-1dnsmasq - security update
DSA-1876-1dnsmasq - remote code execution
DSA-1623-1dnsmasq - cache poisoning

Search for package or bug name: Reporting problems