Linux Security
    Linux Security
    Linux Security

    Mageia 2020-0310: dnsmasq security update

    Date
    355
    Posted By
    Updated dnsmasq package fix insecure default configuration potentially making it an open resolver (CVE-2020-14312). In its default configuration, dnsmasq listen and answer query from any address even outside of the local subnet. Thus, it may inadvertently
    MGASA-2020-0310 - Updated dnsmasq packages fix security vulnerability
    
    Publication date: 31 Jul 2020
    URL: https://advisories.mageia.org/MGASA-2020-0310.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-14312
    
    Updated dnsmasq package fix insecure default configuration potentially
    making it an open resolver (CVE-2020-14312).
    
    In its default configuration, dnsmasq listen and answer query from any
    address even outside of the local subnet. Thus, it may inadvertently
    become an open resolver which might be used in Distributed Denial of
    Service attacks.
    
    This update add the option --local-service at startup which limits
    dnsmasq to listen only to machines on the same local network.
    
    This option only works if there aren't any of the following options
    on cmdline or in dnsmasq.conf (without the double dash):
    --interface
    --except-interface
    --listen-address
    --auth-server
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26964
    - https://bugzilla.redhat.com/show_bug.cgi?id=1851342
    - https://bugzilla.redhat.com/show_bug.cgi?id=1852373
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312
    
    SRPMS:
    - 7/core/dnsmasq-2.80-5.3.mga7
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"11","type":"x","order":"1","pct":100,"resources":[]},{"id":"159","title":"False","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.