TUCoPS :: Linux :: Ubuntu :: bx3830.htm

Dnsmasq vulnerability
Dnsmasq vulnerability
Dnsmasq vulnerability



--xHFwDpU9dbj6ez1V
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

=========================================================== 
Ubuntu Security Notice USN-627-1              July 22, 2008
dnsmasq vulnerability
CVE-2008-1447
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  dnsmasq-base                    2.41-2ubuntu2.1

After a standard system upgrade you need to restart Dnsmasq to effect
the necessary changes.

Details follow:

Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Dnsmasq. A remote attacker could exploit this to spoof DNS entries
and poison DNS caches. Among other things, this could lead to
misdirected email and web traffic.


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz 
      Size/MD5:    22023 89c0f060733a11e414ef1fa634b17149
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc 
      Size/MD5:      698 e44ebdb66be7abcaba3f1558b9379abb
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig=2Etar.gz 
      Size/MD5:   357997 8d0acd6656299a800c4d1be5a1193e39

  Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb 
      Size/MD5:    11962 fbe42757babf0522e92a48438cdf7d0b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb 
      Size/MD5:   210032 015334862975edd0c6157624b9b4cd6b

  i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb 
      Size/MD5:   202466 87bebd172bae955ef2ae8f2de323a737

  lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb 
      Size/MD5:   202996 8938160f148e63de63cad64e2721c6d6

  powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb 
      Size/MD5:   210320 865aa2d674736978b2b00a8623267fc4

  sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb 
      Size/MD5:   204034 211f90a72d775d1987b6c3179786546f



--xHFwDpU9dbj6ez1V
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIhgyuW0JvuRdL8BoRAqVgAJ9LaLf6zky3KwFTaD9ENteCBDgU8gCfaRRQ
eKPFB8gMP8q5EKnpSFR0IMw=V3Nx
-----END PGP SIGNATURE-----

--xHFwDpU9dbj6ez1V--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH