diff options
| author | Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> | 2018-01-20 08:46:28 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich <jo@mein.io> | 2018-01-20 14:22:39 +0100 |
| commit | adaf1cbcc8b253ea807dbe0416b4b04c33dceadf (patch) | |
| tree | 970eab721ae24f7c6b479be1616a1a6949c155de | |
| parent | a3198061f80a7f3933810cd99206b085e4cf49f9 (diff) | |
| download | upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.gz upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.tar.bz2 upstream-adaf1cbcc8b253ea807dbe0416b4b04c33dceadf.zip | |
dnsmasq: backport validation fix in dnssec security fix
A DNSSEC validation error was introduced in the fix for CVE-2017-15107
Backport the upstream fix to the fix (a simple typo)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
| -rw-r--r-- | package/network/services/dnsmasq/Makefile | 2 | ||||
| -rw-r--r-- | package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 3ef7a317d4..7ba7d56b52 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsmasq PKG_VERSION:=2.78 -PKG_RELEASE:=9 +PKG_RELEASE:=10 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/ diff --git a/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch b/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch index 029e7ea7af..d13ac2cbad 100644 --- a/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch +++ b/package/network/services/dnsmasq/patches/270-dnssec-wildcards.patch @@ -160,7 +160,7 @@ in a domain which includes a wildcard for NSEC. + int type_covered; + unsigned char *psav = p1; + -+ if (rdlen < 18) ++ if (rdlen1 < 18) + return 0; /* bad packet */ + + GETSHORT(type_covered, p1); |