dnsmasq (SL7)

By Scientific Linux Team on January 26, 2021

Synopsis: Moderate: dnsmasq security update
Advisory ID: SLSA-2021:0153-1
Issue Date: 2021-01-19
CVE Numbers: CVE-2020-25684
CVE-2020-25685
CVE-2020-25686

Security Fix(es):

* dnsmasq: loose address/port check in reply_query() makes forging replies
easier for an off-path attacker (CVE-2020-25684)

* dnsmasq: loose query name check in reply_query() makes forging replies
easier for an off-path attacker (CVE-2020-25685)

* dnsmasq: multiple queries forwarded for the same name makes forging
replies easier for an off-path attacker (CVE-2020-25686)

SL7
x86_64
dnsmasq-2.76-16.el7_9.1.x86_64.rpm
dnsmasq-debuginfo-2.76-16.el7_9.1.x86_64.rpm
dnsmasq-utils-2.76-16.el7_9.1.x86_64.rpm

– Scientific Linux Development Team