Mageia 2020-0310: dnsmasq security update

    Date 31 Jul 2020
    208
    Posted By LinuxSecurity Advisories
    Updated dnsmasq package fix insecure default configuration potentially making it an open resolver (CVE-2020-14312). In its default configuration, dnsmasq listen and answer query from any address even outside of the local subnet. Thus, it may inadvertently
    MGASA-2020-0310 - Updated dnsmasq packages fix security vulnerability
    
    Publication date: 31 Jul 2020
    URL: https://advisories.mageia.org/MGASA-2020-0310.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-14312
    
    Updated dnsmasq package fix insecure default configuration potentially
    making it an open resolver (CVE-2020-14312).
    
    In its default configuration, dnsmasq listen and answer query from any
    address even outside of the local subnet. Thus, it may inadvertently
    become an open resolver which might be used in Distributed Denial of
    Service attacks.
    
    This update add the option --local-service at startup which limits
    dnsmasq to listen only to machines on the same local network.
    
    This option only works if there aren't any of the following options
    on cmdline or in dnsmasq.conf (without the double dash):
    --interface
    --except-interface
    --listen-address
    --auth-server
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26964
    - https://bugzilla.redhat.com/show_bug.cgi?id=1851342
    - https://bugzilla.redhat.com/show_bug.cgi?id=1852373
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312
    
    SRPMS:
    - 7/core/dnsmasq-2.80-5.3.mga7
    

    LinuxSecurity Poll

    If you are using full-disk encryption: are you concerned about the resulting performance hit?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/34-if-you-are-using-full-disk-encryption-are-you-concerned-about-the-resulting-performance-hit?task=poll.vote&format=json
    34
    radio
    [{"id":"120","title":"Yes","votes":"14","type":"x","order":"1","pct":60.87,"resources":[]},{"id":"121","title":"No ","votes":"9","type":"x","order":"2","pct":39.13,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.