yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1721063] Re: vulnerability in dnsmasq

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Luke Hinds <lhinds@xxxxxxxxxx>
Date: Thu, 12 Oct 2017 16:50:48 -0000
Reply-to: Bug 1721063 <1721063@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: ossn
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1721063

Title:
  vulnerability in dnsmasq

Status in neutron:
  Won't Fix
Status in OpenStack Security Advisory:
  Won't Fix
Status in OpenStack Security Notes:
  Fix Released

Bug description:
  As per [1],[2] , there have been some vulnerability issue in dnsmasq.
  The same have been fixed in dnsmasq version 2.78
  In order to avoid the vulnerabilities, it would be advisable to update dnsmasq to version 2.78
  [1]: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
  [2]: https://thehackernews.com/2017/10/dnsmasq-network-services.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.1592.dj0ao06ba4.yhy

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1721063/+subscriptions

References

[Bug 1721063] [NEW] vulnerability in dnsmasq
From: Reedip, 2017-10-03