My CentOS version is 7.4.1708 (according to /etc/centos-release).
yum info dnsmasq shows:
...
Version : 2.76
Release : 2.el7_4.2
Repo : installed
From repo : updates
...
yum update dnsmasq ends with message: No packages marked for update
Could you explain if dnsmasq 2.76 contain security patches against known vulnerabilities (published october 2 2017)?
Additional information:
From https://www.us-cert.gov/ncas/current-ac ... rabilities
Dnsmasq versions 2.77 and prior contain multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review VUL Note VU#973527 for more information and update to dnsmasq version 2.78.
From https://www.rapid7.com/db/vulnerabiliti ... 2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
dnsmasq 2.76 security update
-
- Posts: 2
- Joined: 2018/04/23 20:06:41
- Location: Poland
dnsmasq 2.76 security update
My english is not good, so feel free to correct my posts.
Re: dnsmasq 2.76 security update
The place to go is https://access.redhat.com/security/cve/cve-2017-14491 which states that the fixes for these vulnerabilities were included in https://access.redhat.com/errata/RHSA-2017:2836 which is dnsmasq-2.76-2.el7_4.2. This is the version you are running so you are safe.
Note that Red Hat / CentOS backports fixes to older versions. Therefore you should not worry too much about the version number. rpm -q dnsmasq --changelog | grep -i cve is usually useful as well.
Note that Red Hat / CentOS backports fixes to older versions. Therefore you should not worry too much about the version number. rpm -q dnsmasq --changelog | grep -i cve is usually useful as well.
-
- Posts: 2
- Joined: 2018/04/23 20:06:41
- Location: Poland
Re: dnsmasq 2.76 security update
Thank you avij.
Serious operating system requires serious learning.
Serious operating system requires serious learning.
My english is not good, so feel free to correct my posts.