openwrtv4/package/network/services
Kevin Darbyshire-Bryant ca79337306 dnsmasq: forward.c: fix CVE-2017-13704
Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset()
is called with header & limit pointing at the same address and thus
tries to clear memory from before the buffer begins.

answer_request() is called with an invalid edns packet size provided by
the client.  Ensure the udp_size provided by the client is bounded by
512 and configured maximum as per RFC 6891 6.2.3 "Values lower than 512
MUST be treated as equal to 512"

The client that exposed the problem provided a payload udp size of 0.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
2017-08-30 17:05:10 +02:00
..
authsae treewide: clean up and unify PKG_VERSION for git based downloads 2016-12-22 16:42:21 +01:00
dnsmasq dnsmasq: forward.c: fix CVE-2017-13704 2017-08-30 17:05:10 +02:00
dropbear dropbear: add option to set max auth tries 2017-06-28 02:18:20 +02:00
ead network/services/ead: drop Build/Prepare rule in favor of default one 2016-10-15 11:36:52 +02:00
hostapd hostapd: add additional ubus notifications 2017-08-22 21:31:39 +02:00
igmpproxy treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
ipset-dns treewide: clean up and unify PKG_VERSION for git based downloads 2016-12-22 16:42:21 +01:00
lldpd lldpd: bump to 0.9.7 2017-05-24 14:56:22 +02:00
odhcpd odhcpd: update to latest git HEAD 2017-08-16 21:25:16 +02:00
omcproxy omcproxy: Update to latest HEAD 2017-03-01 17:19:51 -08:00
openvpn openvpn: update to 2.4.3 2017-06-26 09:56:07 +02:00
openvpn-easy-rsa openvpn-easy-rsa: update to 3.0.1 2017-05-31 00:28:26 +02:00
ppp ppp: propagate master firewall zone to dynamic slave interface 2017-05-31 16:49:59 +02:00
relayd relayd: fix making incomplete instance json data 2017-02-25 20:16:59 +08:00
samba36 samba36-net: new package 2017-08-23 15:08:39 +02:00
uhttpd uhttpd: Enable integrated Lua by default 2017-05-16 16:57:01 +02:00
umdns umdns: remove superfluous include in init script 2017-06-02 01:29:32 +02:00