Date: Tue, 22 Jul 2008 12:37:02 -0400
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]Subject: [USN-627-1] Dnsmasq vulnerability
Message-ID: <20080722163702.GA2190@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="xHFwDpU9dbj6ez1V"
Content-Disposition: inline
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
X-Virus-Scanned: antivirus-gw at tyumen.ru
--xHFwDpU9dbj6ez1V
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
Ubuntu Security Notice USN-627-1 July 22, 2008
dnsmasq vulnerability
CVE-2008-1447
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
dnsmasq-base 2.41-2ubuntu2.1
After a standard system upgrade you need to restart Dnsmasq to effect
the necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Dnsmasq. A remote attacker could exploit this to spoof DNS entries
and poison DNS caches. Among other things, this could lead to
misdirected email and web traffic.
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubu=
ntu2.1.diff.gz
Size/MD5: 22023 89c0f060733a11e414ef1fa634b17149
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubu=
ntu2.1.dsc
Size/MD5: 698 e44ebdb66be7abcaba3f1558b9379abb
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig=
=2Etar.gz
Size/MD5: 357997 8d0acd6656299a800c4d1be5a1193e39
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubu=
ntu2.1_all.deb
Size/MD5: 11962 fbe42757babf0522e92a48438cdf7d0b
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41=
-2ubuntu2.1_amd64.deb
Size/MD5: 210032 015334862975edd0c6157624b9b4cd6b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41=
-2ubuntu2.1_i386.deb
Size/MD5: 202466 87bebd172bae955ef2ae8f2de323a737
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.=
1_lpia.deb
Size/MD5: 202996 8938160f148e63de63cad64e2721c6d6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.=
1_powerpc.deb
Size/MD5: 210320 865aa2d674736978b2b00a8623267fc4
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.=
1_sparc.deb
Size/MD5: 204034 211f90a72d775d1987b6c3179786546f
--xHFwDpU9dbj6ez1V
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIhgyuW0JvuRdL8BoRAqVgAJ9LaLf6zky3KwFTaD9ENteCBDgU8gCfaRRQ
eKPFB8gMP8q5EKnpSFR0IMw=
=V3Nx
-----END PGP SIGNATURE-----
--xHFwDpU9dbj6ez1V--