dnsmasq is probably affected by the cache poisoning issues too, see $URL
Yes, it does appear to be affected, I will update the version in portage as soon as a fix is out.
comitted net-dns/dnsmasq-2.43_rc3 which should have the fix (although it is unclear if dnsmasq is affected) http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2008q3/002148.html
I've tested both versions. I noticed that in the recently committed version that dnsmasq doesn't leave a high numbered UDP port open (in my case it was 32781) output of netstat -an | grep udp Version 2.42: udp 0 0 0.0.0.0:32781 0.0.0.0:* udp 0 0 0.0.0.0:53 0.0.0.0:* Version 2.43rc3: udp 0 0 0.0.0.0:53 0.0.0.0:*
Arches, please test and mark stable: =net-dns/dnsmasq-2.43 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
stable on amd64
sparc stable
alpha/ia64/x86 stable
ppc64 stable
ppc stable
Since bind got a GLSA, I guess we'll have another one, but maybe we should combine with other DNS resolvers? Anyway, glsa reques filed.
GLSA 200809-02