Page MenuHomeVyOS Platform

Any plans to backport dnsmasq?
Closed, ResolvedPublic

Asked by jbrown on Oct 2 2017, 7:20 PM.


Google Project Zero just unveiled a bunch of critical-severity issues in dnsmasq that are already being exploited publicly; if ever there were a worthy time to backport the patched version from Debian and push it through apt, this is it. Pretty much everybody with DNS enabled on 1.1.7 is vulnerable to RCE.

I know the big push is on 1.2.x, but please don't forget about all of us with existing 1.1.x installations...


Updated 1,892 Days Ago

(from @syncer): File a ticket; filed T410

New Answer


This question has been marked as closed, but you can still leave a new answer.