Debian Security Advisory

DLA-225-1 dnsmasq -- LTS security update

Date Reported:
20 May 2015
Affected Packages:
dnsmasq
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 783459.
In Mitre's CVE dictionary: CVE-2015-3294.
More information:

The following vulnerability vulnerability was found in dnsmasq:

  • CVE-2015-3294

    Remote attackers could read process memory and cause DoS via malformed DNS requests.

For Debian 6 Squeeze, these issues have been fixed in dnsmasq version 2.55-2+deb6u1.