Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2021-01-29 | Handle multiple identical near simultaneous DNS queries better.tizen_5.5 | Seonah Moon | 3 | -30/+149 | |
Previously, such queries would all be forwarded independently. This is, in theory, inefficent but in practise not a problem, _except_ that is means that an answer for any of the forwarded queries will be accepted and cached. An attacker can send a query multiple times, and for each repeat, another {port, ID} becomes capable of accepting the answer he is sending in the blind, to random IDs and ports. The chance of a succesful attack is therefore multiplied by the number of repeats of the query. The new behaviour detects repeated queries and merely stores the clients sending repeats so that when the first query completes, the answer can be sent to all the clients who asked. Refer: CERT VU#434904. Backported for CVE-2020-25686 Change-Id: I2b4dfd8ff28b72ad67da4eacf2a8baa98d7eb5d9 | |||||
2021-01-29 | Use SHA-256 to provide security against DNS cache poisoning. | Seonah Moon | 9 | -124/+303 | |
Use the SHA-256 hash function to verify that DNS answers received are for the questions originally asked. This replaces the slightly insecure SHA-1 (when compiled with DNSSEC) or the very insecure CRC32 (otherwise). Refer: CERT VU#434904. Backported for CVE-2020-25685 Change-Id: I4436a08c0ee5d63a97b4ae4f2138b73d74aac7bc | |||||
2021-01-29 | Check destination of DNS UDP query replies. | Seonah Moon | 2 | -15/+34 | |
At any time, dnsmasq will have a set of sockets open, bound to random ports, on which it sends queries to upstream nameservers. This patch fixes the existing problem that a reply for ANY in-flight query would be accepted via ANY open port, which increases the chances of an attacker flooding answers "in the blind" in an attempt to poison the DNS cache. CERT VU#434904 refers. Backported for CVE-2020-25684 Change-Id: I11790b18ad6e179a6f3f47fee310cd00ab3c7cdd | |||||
2021-01-29 | Fix remote buffer overflow CERT VU#434904 | Seonah Moon | 2 | -136/+169 | |
The problem is in the sort_rrset() function and allows a remote attacker to overwrite memory. Any dnsmasq instance with DNSSEC enabled is vulnerable. Backported for CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687 Change-Id: If6e31a6418c113c7e390166ea32378eb1d9a5470 | |||||
2018-06-21 | Fix crash issuetizen_6.0.m2_releasetizen_5.5.m2_releasesubmit/tizen_6.0_hotfix/20201103.115101submit/tizen_6.0_hotfix/20201102.192901submit/tizen_6.0/20201029.205501submit/tizen_5.5_wearable_hotfix/20201026.184306submit/tizen_5.5_mobile_hotfix/20201026.185106submit/tizen_5.5/20191031.000006submit/tizen_5.0/20181101.000006submit/tizen/20180621.080823accepted/tizen/unified/20180622.122621accepted/tizen/6.0/unified/hotfix/20201102.235526accepted/tizen/6.0/unified/20201030.104344accepted/tizen/5.5/unified/wearable/hotfix/20201027.102254accepted/tizen/5.5/unified/mobile/hotfix/20201027.062024accepted/tizen/5.5/unified/20191031.005105accepted/tizen/5.0/unified/20181102.024411tizen_6.0_hotfixtizen_5.5_wearable_hotfixtizen_5.5_tvtizen_5.5_mobile_hotfixaccepted/tizen_6.0_unified_hotfixaccepted/tizen_5.5_unified_wearable_hotfixaccepted/tizen_5.5_unified_mobile_hotfixaccepted/tizen_5.5_unifiedaccepted/tizen_5.0_unified | Seonah Moon | 2 | -3/+18 | |
SIGBUS crash has occured when ipv6 address is copied. Change-Id: Ie58721f2f8aa909c61d97c7640f0897bfdb5383e | |||||
2018-06-21 | Update to 2.79 | Seonah Moon | 91 | -10791/+14604 | |
Change-Id: I36382b896dd583a66872d458f1c3b55461a9e95d | |||||
2018-06-21 | Imported Upstream version 2.79upstream/2.79 | Seonah Moon | 89 | -10735/+14603 | |
Change-Id: I9a2f4c945e0481ab803bdf0c85921433f33a9256 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-02-20 | Security fix, CVE-2017-14496, Integer underflow in DNS response creation.submit/tizen/20180222.013450accepted/tizen/unified/20180222.142138 | Seonah Moon | 1 | -0/+4 | |
Fix DoS in DNS. Invalid boundary checks in the add_pseudoheader function allows a memcpy call with negative size An attacker which can send malicious DNS queries to dnsmasq can trigger a DoS remotely. dnsmasq is vulnerable only if one of the following option is specified: --add-mac, --add-cpe-id or --add-subnet. http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=897c113fda0886a28a986cc6ba17bb93bd6cb1c7 Change-Id: I4171560a179639755a115abfc381f03aa54f3bab Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-02-20 | Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests. | Seonah Moon | 1 | -0/+3 | |
Fix information leak in DHCPv6. A crafted DHCPv6 packet can cause dnsmasq to forward memory from outside the packet buffer to a DHCPv6 server when acting as a relay. http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262 Change-Id: Ia97bfc821fdb07ed599e4b4fa177280e0e52c8fa Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-02-20 | Fix CVE-2017-13704, which resulted in a crash on a large DNS query. | Seonah Moon | 1 | -0/+8 | |
A DNS query recieved by UDP which exceeds 512 bytes (or the EDNS0 packet size, if different.) is enough to cause SIGSEGV. http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928 Change-Id: I93a69c8e308479c0abcd64eea071473419d80946 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-02-19 | Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow. | Seonah Moon | 1 | -325/+328 | |
Fix stack overflow in DHCPv6 code. An attacker who can send a DHCPv6 request to dnsmasq can overflow the stack frame and crash or control dnsmasq. Change-Id: I4474cd7d752e62c1251fedbc4f0f7c324bcca033 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-02-19 | Security fix, CVE-2017-14492, DHCPv6 RA heap overflow. | Seonah Moon | 1 | -0/+3 | |
Fix heap overflow in IPv6 router advertisement code. This is a potentially serious security hole, as a crafted RA request can overflow a buffer and crash or control dnsmasq. Attacker must be on the local network. http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=24036ea507862c7b7898b68289c8130f85599c10 Change-Id: I3218bd52bda0c540a1c52d378b8d1b6e9ed50455 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-01-25 | Security fix, CVE-2017-14491, DNS heap buffer overflow.(2)submit/tizen/20180125.231631accepted/tizen/unified/20180126.042808 | Seonah Moon | 1 | -7/+10 | |
Further fix to 0549c73b7ea6b22a3c49beb4d432f185a81efcbc Handles case when RR name is not a pointer to the question, only occurs for some auth-mode replies, therefore not detected by fuzzing (?) http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=62cb936cb7ad5f219715515ae7d32dd281a5aa1f Change-Id: I7f7fb931776dc3a9fa50a2811758c1da6dd44f0d Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2018-01-25 | Security fix, CVE-2017-14491, DNS heap buffer overflow.(1) | Seonah Moon | 7 | -18/+54 | |
Fix heap overflow in DNS code. This is a potentially serious security hole. It allows an attacker who can make DNS requests to dnsmasq, and who controls the contents of a domain, which is thereby queried, to overflow (by 2 bytes) a heap buffer and either crash, or even take control of, dnsmasq. http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc Change-Id: I3cc432632f51e89b888f3a5d999ba422c134847a Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-08-09 | Apply ASLRtizen_4.0.m2_releasetizen_4.0.IoT.p2_releasetizen_4.0.IoT.p1_releasesubmit/tizen_4.0/20170828.100005submit/tizen/20170811.040030accepted/tizen/unified/20170814.060046accepted/tizen/4.0/unified/20170828.222315 | Seonah Moon | 1 | -1/+2 | |
Change-Id: I736599d7bd407a52c6904f121971659cc73bd94d | |||||
2017-06-22 | Remove unused license file (GPL-3.0+)submit/tizen_4.0/20170811.094300submit/tizen/20170623.032609accepted/tizen/unified/20170630.083334accepted/tizen/4.0/unified/20170816.011440 | Seonah Moon | 1 | -674/+0 | |
Change-Id: I37057ff71feaab207ef877db850402f8ecb449d2 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-05-31 | Fix crash when empty address from DNS overlays A record from hostssubmit/tizen/20170601.042236accepted/tizen/unified/20170602.154229 | Seonah Moon | 1 | -1/+1 | |
Upstream patch is backported to resolve CVE-2015-8899 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 Change-Id: I1024adcb4b563130a1656edcb1e093c2e28e8cea Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-04-03 | Added network_fw policy for dbustizen_4.0.m1_releasesubmit/tizen/20170410.045716accepted/tizen/unified/20170410.155810 | Seonah Moon | 1 | -3/+7 | |
Change-Id: Ia6b8562f51f3402fdec2ec090a7f28a308df95bc Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-03-28 | Used %licesne macro for license filesubmit/tizen/20170328.111440accepted/tizen/wearable/20170329.034851accepted/tizen/unified/20170329.034931accepted/tizen/tv/20170329.034843accepted/tizen/mobile/20170329.034824accepted/tizen/ivi/20170329.034905accepted/tizen/common/20170329.171913accepted/tizen_wearableaccepted/tizen_tvaccepted/tizen_mobileaccepted/tizen_iviaccepted/tizen_common | Seonah Moon | 1 | -3/+1 | |
Change-Id: I8abf444c343f504578fe0848b019ccc5f4b61c1b Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-03-24 | Merge tag 'upstream/2.74' into tizensubmit/tizen/20170324.043430accepted/tizen/wearable/20170324.111216accepted/tizen/unified/20170324.111206accepted/tizen/tv/20170324.111134accepted/tizen/mobile/20170324.110954accepted/tizen/ivi/20170324.111255accepted/tizen/common/20170324.122455 | Seonah Moon | 3 | -8/+678 | |
Imported Upstream version 2.74 Change-Id: I3dfe8f255eb72689fc45450c8651a5b778177cdb Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2017-03-22 | Imported Upstream version 2.74upstream/2.74 | taesub kim | 7 | -135/+679 | |
Change-Id: I1ad6da6e04372b0e2f1b625ff1662d77616e603e | |||||
2017-03-22 | Revert "Imported Upstream version 2.74" | taesub kim | 7 | -679/+135 | |
This reverts commit 50d251b7504e58ac58abc184ee9fe4c5b74ec387. Change-Id: Ib37a4bd14f141095f4c4b7432e1c923d283311bf | |||||
2017-03-22 | Imported Upstream version 2.74 | taesub kim | 7 | -135/+679 | |
Change-Id: If275adb44c88ff3daee1397fb7ae8a22e0f5ddbc | |||||
2016-09-22 | [CVE-2015-8899] Fix crash when empty address from DNS overlays A record from ↵submit/tizen_unified/20170308.100412submit/tizen_3.0_wearable/20161015.000001submit/tizen_3.0_tv/20161015.000001submit/tizen_3.0_mobile/20161015.000001submit/tizen_3.0_ivi/20161010.000001submit/tizen_3.0_common/20161104.104000submit/tizen_3.0.m2/20170104.093752submit/tizen/20160922.020431accepted/tizen/wearable/20160922.233156accepted/tizen/unified/20170309.035232accepted/tizen/tv/20160922.233159accepted/tizen/mobile/20160922.233153accepted/tizen/ivi/20160922.233202accepted/tizen/common/20160922.120630accepted/tizen/3.0/wearable/20161015.081710accepted/tizen/3.0/tv/20161016.003723accepted/tizen/3.0/mobile/20161015.032533accepted/tizen/3.0/ivi/20161011.043659accepted/tizen/3.0/common/20161114.110523accepted/tizen/3.0.m2/wearable/20170105.024320accepted/tizen/3.0.m2/tv/20170105.024014accepted/tizen/3.0.m2/mobile/20170105.023648tizen_3.0_tvtizen_3.0.m2accepted/tizen_3.0.m2_wearableaccepted/tizen_3.0.m2_tvaccepted/tizen_3.0.m2_mobile | Seonah Moon | 1 | -1/+1 | |
hosts Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. - CVE: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899 - Patch: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 Change-Id: If86a54c0696fea852bb9bc2f8aeece6bd6bb1598 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-09-02 | Add dbus policy for network_fwsubmit/tizen/20160907.012754submit/tizen/20160907.003226accepted/tizen/wearable/20160908.003608accepted/tizen/tv/20160908.003544accepted/tizen/mobile/20160908.003506accepted/tizen/ivi/20160908.003634accepted/tizen/common/20160907.154201 | Seonah Moon | 1 | -3/+7 | |
Change-Id: I3ccc0dcd1a96299bcdc3c26a125c7cff4ee25231 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-06-13 | Modify the license to GPLv2 onlysubmit/tizen/20160613.080206accepted/tizen/wearable/20160613.123748accepted/tizen/tv/20160613.123639accepted/tizen/mobile/20160613.123811accepted/tizen/ivi/20160613.123654accepted/tizen/common/20160613.144924 | Seonah Moon | 2 | -675/+1 | |
Change-Id: I5e08f91c58ec8fc72c3cb61a3581ca4eb97c3298 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-06-03 | [TSAM-4139, TSAM-4233] Enable dbus option (HAVE_DBUS)submit/tizen/20160603.084726accepted/tizen/wearable/20160603.122556accepted/tizen/tv/20160603.122312accepted/tizen/mobile/20160603.122121accepted/tizen/ivi/20160603.122713accepted/tizen/common/20160603.151105 | Seonah Moon | 1 | -1/+1 | |
Change-Id: I6d0f0e43a365dc39d30d2e820a080412b396170c Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-04-20 | Add libtzplatform-config to BuildRequiressubmit/tizen/20160420.044034accepted/tizen/wearable/20160421.010606accepted/tizen/tv/20160421.010548accepted/tizen/mobile/20160421.010617accepted/tizen/ivi/20160421.010605accepted/tizen/common/20160420.141622 | Seonah Moon | 1 | -0/+1 | |
Change-Id: Ib66f113c7d067c0dc38436719cf78969048560d9 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-04-07 | Update to 2.74submit/tizen/20160407.062043accepted/tizen/wearable/20160407.111603accepted/tizen/tv/20160407.111550accepted/tizen/mobile/20160407.111534accepted/tizen/ivi/20160407.111623accepted/tizen/common/20160407.132919 | Seonah Moon | 84 | -9054/+36806 | |
Change-Id: Ic7e94612466be7786c3d2b0724d745c7720e01c9 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2016-03-11 | Modified hardcoded path to TZ_*submit/tizen/20160311.050645accepted/tizen/wearable/20160311.062040accepted/tizen/tv/20160311.062030accepted/tizen/mobile/20160311.062011accepted/tizen/ivi/20160311.062104accepted/tizen/common/20160311.201903 | Seonah Moon | 1 | -1/+1 | |
Change-Id: I4a9164181461e1adc76a6be7946be6a9f160c761 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2015-11-17 | Base code merged to SPIN 2.4submit/tizen_ivi/20160217.000004submit/tizen_ivi/20160217.000000submit/tizen_common/20151229.154718submit/tizen_common/20151229.144031submit/tizen_common/20151229.142028submit/tizen/20151117.062743accepted/tizen/wearable/20151117.094211accepted/tizen/tv/20151117.094204accepted/tizen/mobile/20151117.094145accepted/tizen/ivi/20160218.024232 | Seonah Moon | 10 | -190/+19 | |
Change-Id: I41a02810399e793c4a2fcdd0a3acd7f11c5a222e Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2015-11-10 | Apply Cynara privilege checks to dbus conf file | Oskar Świtalski | 1 | -2/+10 | |
For SetServers and ClearCache methods check network.set privilege, allow for everyone GetVersion method Change-Id: Ic586d0947f8bdc1c6c96bdd40e22738a7dc63af8 Signed-off-by: Oskar Świtalski <o.switalski@samsung.com> | |||||
2015-11-03 | Install configure file to use d-bus on cynara policysubmit/tizen/20151103.065656accepted/tizen/wearable/20151103.075254accepted/tizen/tv/20151103.075251accepted/tizen/mobile/20151103.075244 | Seonah Moon | 2 | -3/+6 | |
Change-Id: I4cda657d18f4e8788c7d9875adc34c9d4adae422 Signed-off-by: Seonah Moon <seonah1.moon@samsung.com> | |||||
2014-12-12 | cleaned spec file: added group and license fields | Nicolas Zingilé | 1 | -18/+16 | |
Change-Id: If3c4f77fc9b861a2978da0eee7293197c576f6fc Bug-Tizen: TC-1230 Signed-off-by: Nicolas Zingilé <nicolas.zingile@open.eurogiciel.org> | |||||
2013-06-29 | resetting manifest requested domain to floortizen_3.0_ivi_releasetizen_3.0.m2.a1_tv_releasetizen_3.0.m2.a1_mobile_releasetizen_3.0.m1_tv_releasetizen_3.0.m1_mobile_releasetizen_3.0.m14.3_ivi_releasetizen_3.0.m14.2_ivi_releasetizen_3.0.2014.q3_common_releasesubmit/tizen_mobile/20141120.000000submit/tizen_ivi_genivi/20140131.024518submit/tizen_common/20151026.085049submit/tizen_common/20151023.083358submit/tizen/20130912.075709submit/tizen/20130710.130249ivi_oct_m2accepted/tizen/ivi/genivi/20140131.030646accepted/tizen/20130912.093301accepted/tizen/20130912.085839accepted/tizen/20130912.083419accepted/tizen/20130710.220917tizen_ivi_genivitizen_3.0_ivitizen_3.0.m1_tvtizen_3.0.m1_mobiletizen_3.0.m14.3_ivitizen_3.0.m14.2_ivitizen_3.0.2015.q2_commontizen_3.0.2015.q1_commontizen_3.0.2014.q4_commontizen_3.0.2014.q3_commonaccepted/tizen_genericaccepted/tizen_3.0.m14.3_iviaccepted/tizen_3.0.2014.q3_commonaccepted/tizen/ivi/stableaccepted/tizen/ivi/genivi | Alexandru Cornea | 3 | -6/+8 | |
2013-03-16 | merge with mastersubmit/tizen_2.1/20130424.231154submit/tizen/20130517.045851accepted/tizen_2.1/20130425.035315accepted/tizen/20130520.1017262.1b_releasetizen_2.1 | Jinkun Jang | 2 | -10/+7 | |
2013-03-13 | Tizen 2.1 base | Jinkun Jang | 108 | -0/+49350 | |
2012-08-21 | Initial empty repository | Jung Minsun | 0 | -0/+0 | |