Security fix, CVE-2017-14492, DHCPv6 RA heap overflow. Fix heap overflow in IPv6 router advertisement code. This is a potentially serious security hole, as a crafted RA request can overflow a buffer and crash or control dnsmasq. Attacker must be on the local network.

commit: 24036ea507862c7b7898b68289c8130f85599c10 [log] [tgz]
author: Simon Kelley <simon@thekelleys.org.uk> Mon Sep 25 18:47:15 2017 +0100
committer: Simon Kelley <simon@thekelleys.org.uk> Mon Sep 25 19:59:27 2017 +0100
tree: 8d2c97664ce86e8906161bbdd2f06014ce76ec11
parent: 0549c73b7ea6b22a3c49beb4d432f185a81efcbc [diff] [blame]
diff --git a/CHANGELOG b/CHANGELOG
index a7c2f35..df6c157 100644
--- a/CHANGELOG
+++ b/CHANGELOG

@@ -35,7 +35,15 @@
 	and Kevin Hamacher of the Google Security Team for
 	finding this.
 
-
+	Fix heap overflow in IPv6 router advertisement code.
+	This is a potentially serious security hole, as a
+	crafted RA request can overflow a buffer and crash or
+	control dnsmasq. Attacker must be on the local network.
+	CVE-2017-14492 applies.
+        Credit to Felix Wilhelm, Fermin J. Serna, Gabriel Campana
+	and Kevin Hamacher of the Google Security Team for
+	finding this.
+	
 	
 version 2.77
 	Generate an error when configured with a CNAME loop,
commit	24036ea507862c7b7898b68289c8130f85599c10	[log] [tgz]
author	Simon Kelley <simon@thekelleys.org.uk>	Mon Sep 25 18:47:15 2017 +0100
committer	Simon Kelley <simon@thekelleys.org.uk>	Mon Sep 25 19:59:27 2017 +0100
tree	8d2c97664ce86e8906161bbdd2f06014ce76ec11
parent	0549c73b7ea6b22a3c49beb4d432f185a81efcbc [diff] [blame]