Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

Fedora 36: 2022-5ef0bd9a27 Critical: dnscrypt-proxy DoS Risk Mitigation

fedora
Calendar Grey July 29, 2022
Dist Fedora Esm H88
Fedora 36 has rolled out an update that resolves CVE vulnerabilities related to dnscrypt-proxy, introducing advanced encryption capabilities for DNS communication.
Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang --- See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more in...

Summary

A flexible DNS proxy, with support for modern encrypted DNS protocols such as

DNSCrypt v2 and DNS-over-HTTP/2.

Features:

- DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH)

and DNSCrypt.

- DNSSEC compatible

- DNS query monitoring, with separate log files for regular and suspicious

queries

- Pattern-based local blocking of DNS names and IP addresses

- Time-based filtering, with a flexible weekly schedule

- Transparent redirection of specific domains to specific resolvers

- DNS caching, to reduce latency and improve privacy

- Local IPv6 blocking to reduce latency on IPv4-only networks

- Load balancing: pick a set of resolvers, dnscrypt-proxy will automatically

measure and keep track of their speed, and balance the traffic across the

fastest available ones.

- Cloaking: like a HOSTS file on steroids, that can return preconfigured

addresses for specific names, or resolve and return the IP address of other

names. This can be used for local development as well as to enforce safe

search results on Google, Yahoo and Bing.

- Automatic background updates of resolvers lists

- Can force outgoing connections to use TCP; useful with tunnels such as Tor.

Rebuild to mitigate

CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang ---See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more

information about the specific vulnerabilities.

* Tue Jul 19 2022 Maxwell G 2.1.1-5

- Rebuild for

CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang

su -c 'dnf upgrade --advisory FEDORA-2022-5ef0bd9a27' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory Fedora DoS update information CVE mitigation dnscrypt-proxy

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 36
Version: 2.1.1
Release: 5.fc36
URL: https://github.com/DNSCrypt/dnscrypt-proxy
Summary: Flexible DNS proxy, with support for encrypted DNS protocols

Topics%20covered

Topics Covered

security advisory Fedora DoS update information CVE mitigation dnscrypt-proxy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here