Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 924448 - <net-dns/dnsmasq-2.90: "KeyTrap" DNS DoS vulnerability
Summary: <net-dns/dnsmasq-2.90: "KeyTrap" DNS DoS vulnerability
Status: IN_PROGRESS
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa? cleanup]
Keywords:
Depends on: 925164
Blocks: CVE-2023-50387, CVE-2023-50868
  Show dependency tree
 
Reported: 2024-02-14 00:15 UTC by Randy Barlow
Modified: 2024-03-17 04:05 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Randy Barlow 2024-02-14 00:15:51 UTC 
See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2024-02-21 11:01:52 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6e7e22b8a35b61837d8b8dcbbe5ed4da27df9d96

commit 6e7e22b8a35b61837d8b8dcbbe5ed4da27df9d96
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-02-21 10:59:33 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-02-21 11:00:50 +0000

    net-dns/dnsmasq: add 2.90
    
    Bug: https://bugs.gentoo.org/924448
    Closes: https://bugs.gentoo.org/675278
    Signed-off-by: Sam James <sam@gentoo.org>

 net-dns/dnsmasq/Manifest            |   1 +
 net-dns/dnsmasq/dnsmasq-2.90.ebuild | 231 ++++++++++++++++++++++++++++++++++++
 2 files changed, 232 insertions(+)