import of dnsmasq-2.50.tar.gz

commit: 77e94da7bb3839872abca8e3b8733cfe649d404f [log] [tgz]
author: Simon Kelley <simon@thekelleys.org.uk> Mon Aug 31 17:32:17 2009 +0100
committer: Simon Kelley <simon@thekelleys.org.uk> Thu Jan 05 17:31:14 2012 +0000
tree: 55b1f2e98f4892858ea85d28b3a9e48f7e6a2be0
parent: 03a97b617071ce506357ac9b505d39fa283833ec [diff] [blame]
diff --git a/CHANGELOG b/CHANGELOG
index 6911953..ad398a7 100644
--- a/CHANGELOG
+++ b/CHANGELOG

@@ -1,3 +1,18 @@
+version 2.50
+            Fix security problem which allowed any host permitted to 
+            do TFTP to possibly compromise dnsmasq by remote buffer 
+            overflow when TFTP enabled. Thanks to Core Security 
+	    Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro 
+	    Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
+	    Pablo Annetta. This problem has Bugtraq id: 36121 
+            and CVE: 2009-2957
+
+            Fix a problem which allowed a malicious TFTP client to 
+            crash dnsmasq. Thanks to Steve Grubb at Red Hat for 
+            spotting this. This problem has Bugtraq id: 36120 and 
+            CVE: 2009-2958
+
+
 version 2.49
             Fix regression in 2.48 which disables the lease-change
             script. Thanks to Jose Luis Duran for spotting this.
commit	77e94da7bb3839872abca8e3b8733cfe649d404f	[log] [tgz]
author	Simon Kelley <simon@thekelleys.org.uk>	Mon Aug 31 17:32:17 2009 +0100
committer	Simon Kelley <simon@thekelleys.org.uk>	Thu Jan 05 17:31:14 2012 +0000
tree	55b1f2e98f4892858ea85d28b3a9e48f7e6a2be0
parent	03a97b617071ce506357ac9b505d39fa283833ec [diff] [blame]