From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from emea01-db3-obe.outbound.protection.outlook.com (mail-db3on0091.outbound.protection.outlook.com [157.55.234.91]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 60A8221F295 for ; Sun, 17 May 2015 11:14:19 -0700 (PDT) Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=kevin@darbyshire-bryant.me.uk; Received: from [IPv6:2001:470:183f:da2b::717c:e11c] (2001:470:183f:da2b::717c:e11c) by AM2PR07MB0931.eurprd07.prod.outlook.com (25.162.37.139) with Microsoft SMTP Server (TLS) id 15.1.166.22; Sun, 17 May 2015 18:14:12 +0000 Message-ID: <5558DA63.9090704@darbyshire-bryant.me.uk> Date: Sun, 17 May 2015 19:13:55 +0100 From: Kevin Darbyshire-Bryant User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: "cerowrt-devel@lists.bufferbloat.net" Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms080708060900000209080202" X-Originating-IP: [2001:470:183f:da2b::717c:e11c] X-ClientProxiedBy: CY1PR13CA0042.namprd13.prod.outlook.com (25.162.30.180) To AM2PR07MB0931.eurprd07.prod.outlook.com (25.162.37.139) X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM2PR07MB0931; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(5005006)(3002001); SRVR:AM2PR07MB0931; BCL:0; PCL:0; RULEID:; SRVR:AM2PR07MB0931; X-Forefront-PRVS: 057906460E X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(164054003)(199003)(189002)(53754006)(106356001)(33656002)(86362001)(65816999)(105586002)(50986999)(54356999)(87266999)(40100003)(450100001)(101416001)(122386002)(42186005)(62966003)(77156002)(512874002)(19580405001)(19580395003)(80316001)(83506001)(64126003)(84326002)(74482002)(46102003)(59896002)(87976001)(64706001)(65956001)(65806001)(2501003)(5890100001)(92566002)(568964001)(4001350100001)(2351001)(229853001)(5000100001)(189998001)(5001860100001)(36756003)(5001830100001)(5001960100002)(110136002)(68736005)(107886002)(5001920100001)(4001540100001)(97736004)(81156007)(3826002)(5001840100002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM2PR07MB0931; H:[IPv6:2001:470:183f:da2b::717c:e11c]; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: darbyshire-bryant.me.uk does not designate permitted sender hosts) X-OriginatorOrg: darbyshire-bryant.me.uk X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 May 2015 18:14:12.3419 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM2PR07MB0931 Subject: [Cerowrt-devel] dnsmasq2.73 security issue & fix X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 May 2015 18:14:57 -0000 --------------ms080708060900000209080202 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi All, I know some of you are following the dnsmasq bleeding edge. Please be aw= are there's a buffer overflow style security issue in (according to the d= nsmasq list) all test/release candidate versions of 2.73. 2.73rc8 includ= es a fix. Openwrt CC trunk 45693 has been updated to the fixed rc8 versi= on. It's worth upgrading not only to address the security issue but also to g= et the latest dnssec udp fragmentation/tcp fallback handling enhancements= =2E Hope that helps. --=20 Thanks, Kevin@Darbyshire-Bryant.me.uk --------------ms080708060900000209080202 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINnDCC BjQwggQcoAMCAQICAR4wDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoT DVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNp Z25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3 MTAyNDIxMDE1NVoXDTE3MTAyNDIxMDE1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1T dGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWdu aW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMcJg8zOLdgasSmkLhOr lr6KMoOMpohBllVHrdRvEg/q6r8jR+EK75xCGhR8ToREoqe7zM9/UnC6TS2y9UKTpT1v7RSM zR0t6ndl0TWBuUr/UXBhPk+Kmy7bI4yW4urC+y7P3/1/X7U8ocb8VpH/Clt+4iq7nirMcNh6 qJR+xjOhV+VHzQMALuGYn5KZmc1NbJQYclsGkDxDz2UbFqE2+6vIZoL+jb9x4Pa5gNf1TwSD kOkikZB1xtB4ZqtXThaABSONdfmv/Z1pua3FYxnCFmdr/+N2JLKutIxMYqQOJebr/f/h5t95 m4JgrM3Y/w7YX9d7YAL9jvN4SydHsU6n65cCAwEAAaOCAa0wggGpMA8GA1UdEwEB/wQFMAMB Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRTcu2SnODaywFcfH6WNU7y1LhRgjAfBgNV HSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRaMFgwJwYIKwYBBQUH MAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYhaHR0cDovL3d3 dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20v c2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBAAqD CH14qywGXLhjjF6uHLkjd02hcdh9hrw+VUsv+q1eeQWB21jWj3kJ96AUlPCoEGZ/ynJNScWy 6QMVQjbbMXltUfO4n4bGGdKo3awPWp61tjAFgraLJgDk+DsSvUD6EowjMTNx25GQgyYJ5RPI zKKR9tQW8gGK+2+RHxkUCTbYFnL6kl8Ch507rUdPPipJ9CgJFws3kDS3gOS5WFMxcjO5DwKf KSETEPrHh7p5shuuNktvsv6hxHTLhiMKX893gxdT3XLS9OKmCv87vkINQcNEcIIoFWbP9HOR z9v3vQwR4e3ksLc2JZOAFK+ssS5XMEoznzpihEP0PLc4dCBYjbvSD7kxgDwZ+Aj8Q9PkbvE9 sIPP7ON0fz095HdThKjiVJe6vofq+n6b1NBc8XdrQvBmunwxD5nvtTW4vtN6VY7mUCmxsCie uoBJ9OlqmsVWQvifIYf40dJPZkk9YgGTzWLpXDSfLSplbY2LL9C9U0ptvjcDjefLTvqSFc7t w1sEhF0n/qpA2r0GpvkLRDmcSwVyPvmjFBGqUp/pNy8ZuPGQmHwFi2/14+xeSUDG2bwnsYJQ G2EdJCB6luQ57GEnTA/yKZSTKI8dDQa8Sd3zfXb19mOgSF0bBdXbuKhEpuP9wirslFe6fQ1t 5j5R0xi72MZ8ikMu1RQZKCyDbMwazlHiMIIHYDCCBkigAwIBAgIDCm0/MA0GCSqGSIb3DQEB BQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20g Q2xhc3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcNMTQwNzAzMTE1NjM5 WhcNMTUwNzA0MTc0MjQ1WjBxMRkwFwYDVQQNExA2dVNGb1pMU1d2dGgyd2tNMSYwJAYDVQQD DB1rZXZpbkBkYXJieXNoaXJlLWJyeWFudC5tZS51azEsMCoGCSqGSIb3DQEJARYda2V2aW5A ZGFyYnlzaGlyZS1icnlhbnQubWUudWswggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQDqCZMbkat9lukbtY+VQ4HBVkcHtcUU1sWZlg7foJ6XEQXCb3ArlyY7V+AldkNY6qRlrlVt YZmSFtDsors5e3Z1VWlEYBZEbnR57t5jmfGYmaaDzc8YsWr5gsUTa+MV/MNHpuAlf9GwgQCQ e7SC7kEzkQZApfB8/zG/a5JxgVXD9c3vK40p3OW27ZqVN9rie5SoLi1KEfQbA//VyPPeDpus oDwYGq6AA82lLFvgBxi1JPlS7M9zToUQCXpvDexQPiok1iqhwYBwX3qmSInlVWnudgaJ25iL m8/9bG5nCIo+dOEZP/bOCEsMzV8n9RaCNu8ilpjMXsHbkgrlvng81CTUFlYWhdMg58CM7N9y gSBjCKuHmJwQbIdsCmuKEOFVLZR8OZzoue6e/HAQlunWEfrr/H4+UYp8yTNLybqfcyZ3k7Sg i207jicY5dVKKFFY8eSB8Ps2svxj6BgrNPZMGzW36zRwaK1MpOZxHItCcuyXo+WkI3/61BZ5 mg34ejrgalQ04887n+4u3XPKnM/IwXfivlOD+n8bOOAGR8iZVlLTVmvypMdX3+wL/yB/w8g1 Ojj9Bk5/ksZb9Eh+3q1cVOOuXa/hcCLLqetNFzlxHjbVXzBKwO9pOs50DVxtv070KalD3iqz 8hCwnDt7odkGHwXyZAErmUSjc6tqVMivid/1swIDAQABo4IC4zCCAt8wCQYDVR0TBAIwADAL BgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBSg QyTrQHiayWJq77xyyu7kpPmJ2jAfBgNVHSMEGDAWgBRTcu2SnODaywFcfH6WNU7y1LhRgjAo BgNVHREEITAfgR1rZXZpbkBkYXJieXNoaXJlLWJyeWFudC5tZS51azCCAUwGA1UdIASCAUMw ggE/MIIBOwYLKwYBBAGBtTcBAgMwggEqMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0 c3NsLmNvbS9wb2xpY3kucGRmMIH3BggrBgEFBQcCAjCB6jAnFiBTdGFydENvbSBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eTADAgEBGoG+VGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFj Y29yZGluZyB0byB0aGUgQ2xhc3MgMSBWYWxpZGF0aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUg U3RhcnRDb20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0aGUgaW50ZW5kZWQgcHVy cG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLjA2 BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnR1MS1jcmwuY3Js MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFydHNzbC5j b20vc3ViL2NsYXNzMS9jbGllbnQvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9haWEuc3RhcnRz c2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuY2xpZW50LmNhLmNydDAjBgNVHRIEHDAahhhodHRw Oi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEFBQADggEBAChYSPOI6HHjtB2zQSGb 7vqo2f/QAum648uoNCFXf/ZmpU42ca6hq/JqsugqbnCY72hNTpCh3JZwTTaBWBvj1vzjjMra pLixIvceaAqMj6vd+L43APuMMmTH9tUUNS1ksXdA2r6STVIbr4p2sbVV3WktLGFnNAy5uXbr mLHay5w6jcmSfTAh1aA49sSvp+8CB6q6uDef2j9X8OE9Ajr5l0mcnGdVOkLZU6Zq20G8jb3p sdqoO9MU5UbKfZCN4/ibr+/0Pj3VZIE3jCEW2DwguN6DIDAYVc6b7RFGf3cWadJrSa887Sc/ 9wzXymTKAyBvfgRQeWcZ+5w4RlOI/TmpNfwxggTdMIIE2QIBATCBlDCBjDELMAkGA1UEBhMC SUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENl cnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENsYXNzIDEgUHJpbWFyeSBJ bnRlcm1lZGlhdGUgQ2xpZW50IENBAgMKbT8wCQYFKw4DAhoFAKCCAh0wGAYJKoZIhvcNAQkD MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTUwNTE3MTgxMzU1WjAjBgkqhkiG9w0B CQQxFgQUqDbMIbiZS/cV5WvLMU2HzGFwTG4wbAYJKoZIhvcNAQkPMV8wXTALBglghkgBZQME ASowCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0D AgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpQYJKwYBBAGCNxAEMYGXMIGUMIGMMQsw CQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQ cmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAwptPzCBpwYLKoZIhvcNAQkQAgsxgZeg gZQwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJT ZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBD bGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQQIDCm0/MA0GCSqGSIb3DQEB AQUABIICANZ8D+NLRj0KZgCH+n2XcbfA9eJleHaWtJwt66pn9p7Qh+HdHo67OejHvezwCakM sdgLWzEnZLChv9Cx00qSNZKbYmCJUlNA4Fnzwe2No4Dnyae7GXhOGcQKGqvwKMWuz2GVfdfX 7P3GWNKmYCGE+H2CedVyKTXm0hmQkOKonPoXIce+MlRfnH1649UYiWaf7sdR1dl8brlZuiwR 9qhieIYELGjatDp0q3IzJcdwAUXtByePfC5AOoh1TfI+kXc7i8HuNVOZiutjQ2t9XA4RzovP zJA1FPcvNrGe1IwGxEuikcPWswR0kBHAV44d4ZY/YIOh6DI+zNq6dW0+DI+ngM8s2712JA0S GUh0txhhH8F24az/4LqC38oSmBuyEYDiCeeF8UyB8EPajaBLm4R49i2LBGPv+VnEbXItBMx8 oDP5A6NA1joEoxEbDKt7NRsCzrxMRgQdKB1QbY9Np0uX6XfpuF4C+AIF37ikmMH9+aaGk+5q rK3O4eCaT7hFc3Fv26OjO9r5oQdy7XEEddQOMNlW8Ji6u2zBki2B0Sn7VZ7nV5rsLFbA4SxY 2rLLXWAp2nbk0+7jqps2WWW4mgW0BhgwNN6acTUiNMR7W3yXWknN0MchJcyB4flMIKQLUCDZ j79678sJLEgA882YnZEe80X3p40oMKmXCPv/lTI4iXzXAAAAAAAA --------------ms080708060900000209080202--