Issued at: 2024-03-27
Updated at: 2024-03-27
Synopsis
Important: dnsmasq security update
Description
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
* dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387)
* dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Rocky Linux 8 x86_64
Fixes
2263914
2263917
CVEs
CVE-2023-50387
CVE-2023-50868
Affected packages
Rocky Linux 8 aarch64 - AppStream
dnsmasq-0:2.79-31.el8_9.2.aarch64.rpm
dnsmasq-0:2.79-31.el8_9.2.src.rpm
dnsmasq-debuginfo-0:2.79-31.el8_9.2.aarch64.rpm
dnsmasq-debugsource-0:2.79-31.el8_9.2.aarch64.rpm
dnsmasq-utils-0:2.79-31.el8_9.2.aarch64.rpm
dnsmasq-utils-debuginfo-0:2.79-31.el8_9.2.aarch64.rpm
Rocky Linux 8 x86_64 - AppStream
dnsmasq-0:2.79-31.el8_9.2.src.rpm
dnsmasq-0:2.79-31.el8_9.2.x86_64.rpm
dnsmasq-debuginfo-0:2.79-31.el8_9.2.x86_64.rpm
dnsmasq-debugsource-0:2.79-31.el8_9.2.x86_64.rpm
dnsmasq-utils-0:2.79-31.el8_9.2.x86_64.rpm
dnsmasq-utils-debuginfo-0:2.79-31.el8_9.2.x86_64.rpm