CC: dnsmasq: bump to v2.78

Fixes CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Kevin Darbyshire-Bryant 2017-10-05 14:47:30 +02:00 committed by Zoltan HERPAI
parent 7967aa9315
commit c69ccdd307
3 changed files with 3 additions and 40 deletions

@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq
PKG_VERSION:=2.77
PKG_VERSION:=2.78
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
PKG_MD5SUM:=5b973fea8e66e76a0e6bb44adefc6f9b
PKG_MD5SUM:=6d0241b72c79d2b510776ccc4ed69ca4
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
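
Review bot: The tarball is still fetched over plain HTTP (PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/) and verified only against an MD5 digest (PKG_MD5SUM), which is a weak integrity check for a release whose purpose is to fix six CVEs. If the build system on this branch accepts a SHA-256 checksum, pin that instead, and use an HTTPS source URL if the upstream host offers one. Leaving PKG_RELEASE at 1 is correct for a version bump.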

@ -1,37 +0,0 @@
From 38af9b1ac3242a4128e88069c495024caa565f0e Mon Sep 17 00:00:00 2001
From: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Date: Tue, 29 Aug 2017 12:35:40 +0100
Subject: [PATCH] forward.c: fix CVE-2017-13704
Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset()
is called with header & limit pointing at the same address and thus
tries to clear memory from before the buffer begins.
answer_request() is called with an invalid edns packet size provided by
the client. Ensure the udp_size provided by the client is bounded by
512 and configured maximum as per RFC 6891 6.2.3 "Values lower than 512
MUST be treated as equal to 512"
The client that exposed the problem provided a payload udp size of 0.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
---
src/forward.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/forward.c b/src/forward.c
index f22556a..62c5a5a 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -1408,6 +1408,8 @@ void receive_query(struct listener *listen, time_t now)
defaults to 512 */
if (udp_size > daemon->edns_pktsz)
udp_size = daemon->edns_pktsz;
+ if (udp_size < 512)
+ udp_size = 512; /* RFC 6891 6.2.3 */
}
#ifdef HAVE_AUTH
--
2.7.4
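
Review bot: The commit message lists only the six CVEs fixed by 2.78 and does not say why this local patch for CVE-2017-13704 is deleted. Add a line stating that the fix is carried by the 2.78 tarball, and confirm that receive_query() in the new source still keeps udp_size at 512 or above (the "if (udp_size < 512)" clamp or an equivalent), since the patch description says a client-supplied payload size of 0 is what caused the SIGSEGV in answer_request().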

@ -7,7 +7,7 @@ Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -82,7 +82,7 @@ typedef unsigned long long u64;
@@ -88,7 +88,7 @@ typedef unsigned long long u64;
#if defined(HAVE_SOLARIS_NETWORK)
# include <sys/sockio.h>
#endif