UbuntuUpdates.org

Package "dnsmasq-base"

Name: dnsmasq-base

Description:

Small caching DNS proxy and DHCP/TFTP server

Latest version: 2.90-0ubuntu0.22.04.3
Release: jammy (22.04)
Level: updates
Repository: main
Head package: dnsmasq
Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html

Other versions of "dnsmasq-base" in Jammy

Repository  Area  Version
base        main  2.86-1.1
security    main  2.90-0ubuntu0.22.04.3
proposed    main  2.90-0ubuntu0.22.04.2

Changelog

Version: 2.90-0ubuntu0.22.04.3 2026-05-12 10:08:01 UTC

  dnsmasq (2.90-0ubuntu0.22.04.3) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow on malicious caches in DNS
    forwarding.
    - debian/patches/CVE-2026-2291.patch: Expand char name size in
      src/dnsmasq.h.
    - CVE-2026-2291
  * SECURITY UPDATE: NSEC bitmap parsing infinite loop
    - debian/patches/CVE-2026-4890.patch: Correct erroneous iteration index
      in src/dnssec.c
    - CVE-2026-4890
  * SECURITY UPDATE: Unbounded length field in RRSIG packets.
    - debian/patches/CVE-2026-4891.patch: Validate rdlen in src/dnssec.c
    - CVE-2026-4891
  * SECURITY UPDATE: Buffer overflow in create_helper
    - debian/patches/CVE-2026-4892.patch: Add upper bound to for loop in
      src/helper.c
    - CVE-2026-4892
  * SECURITY UPDATE: Erroneous client subnet validation
    - debian/patches/CVE-2026-4893.patch: Fixed length passed to check_source
      in src/forward.c
    - CVE-2026-4893
  * SECURITY UPDATE: Buffer overflow in extract_addresses.
    - debian/patches/CVE-2026-5172.patch: Check index after extracting name
      in src/rfc1035.c
    - CVE-2026-5172
  * This update does not include the changes from 2.90-0ubuntu0.22.04.2.

 -- Kyle Kernick <email address hidden> Wed, 29 Apr 2026 13:56:04 -0600

CVE-2026-2291 dnsmasq's extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could r
CVE-2026-4890 A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS pa
CVE-2026-4891 A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted
CVE-2026-4892 A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root pri
CVE-2026-4893 An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subn
CVE-2026-5172 A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malform

Version: 2.90-0ubuntu0.22.04.1 2024-02-26 16:06:59 UTC

  dnsmasq (2.90-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Updated to 2.90 to fix multiple security issues.
    - debian/rules: specify lua version with LUA.
    - CVE-2023-50387, CVE-2023-50868
  * Convert package to source format 3.0 to ease maintenance going forward.

 -- Marc Deslauriers <email address hidden> Wed, 14 Feb 2024 14:23:43 -0500

CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU
CVE-2023-50868 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of se

Version: 2.86-1.1ubuntu0.5 2024-01-31 21:10:49 UTC

  dnsmasq (2.86-1.1ubuntu0.5) jammy; urgency=medium

  * src/dnsmasq.c: Fix a crash that can happen when an empty resolv.conf is
    reloaded (LP: #2045570)
  * src/helper.c: Fix wrong client address for dhcp-script when DHCPv4 relay
    in use (LP: #2042587)

 -- Andreas Hasenack <email address hidden> Thu, 11 Jan 2024 09:21:27 -0300

2045570 dnsmasq crash when no servers in resolv.conf
2042587 jammy's version breaks existing dhcp scripts with relay

Version: 2.86-1.1ubuntu0.4 2024-01-09 22:06:58 UTC

  dnsmasq (2.86-1.1ubuntu0.4) jammy; urgency=medium

  * src/dnsmasq.h, src/domain-match.c: Fix confusion when using resolvconf
    servers (combining server|address for a domain), resulting in the struct
    server data structure for server=/domain/# getting passed to
    forward_query(), rapidly followed by a SEGV. This fix makes
    server=/domain/# a fully fledged member of the priority list.
    The code added here is a cherry pick released in upstream version
    2.87, originating at
    https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=de372d69
    (LP: #2015562)

 -- Miriam España Acebal <email address hidden> Thu, 20 Apr 2023 11:00:27 +0200

2015562 [SRU] Segfault in dnsmasq when using certain static domain entries + DoH (bugfix possibly exists upstream)

Version: 2.86-1.1ubuntu0.3 2023-04-20 13:07:09 UTC

  dnsmasq (2.86-1.1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: IP fragmentation
    - src/config.h: update default max EDNS_PKTSZ to 1232 as agreed on
      dnsflagday 2020.
    - man/dnsmasq.8: updating documentation to reflect new default max
      EDNS_PKTSZ.
    - eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5
    - CVE-2023-28450

 -- Ian Constantin <email address hidden> Tue, 18 Apr 2023 11:11:46 +0300

CVE-2023-28450 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day


