-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 16/05/15 11:26, Santiago Ruano Rincón wrote: > Hi Simon, > > On Fri, May 15, 2015 at 04:24:30PM +0200, Santiago Ruano Rincón > wrote: ... >> I'm attaching the clean patch to fix CVE-2015-3294. > > These other CVEs are related each other and still affect dnsmasq > in squeeze and wheeze: > https://security-tracker.debian.org/tracker/CVE-2012-3411 > https://security-tracker.debian.org/tracker/CVE-2013-0198 > > As far as I understand, your fix to those bugs introduces the new > --bind-dynamic option in dnsmasq. This fix also depends on libvirt, > that needs to be modified to pass --bind-dynamic instead of > --bind-interfaces. Please, correct me if I'm wrong. > > Given that in Debian they have been classified as low priority, do > you think it's worth to do adapt those changes into squeeze and > wheeze? > Your analysis is correct, and I think it's really not worth the (large) amount of effort required. Cheers, Simon. > Best regards, > > Santiago > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVV3vXAAoJEBXN2mrhkTWiKbQP/2mGC4ewKPjkdllfHaJOqhbE eycI8mmdVCoyUHGrOOMi6yp985vG7S5tlePsZBTW5INOtSjtq16yqAhwUoy5cjdc ax1K7iD5qoaQahNj5vlLCZ0/M/y0x452J6vlkjUlkNDnC76RKQrnjZpcoG83NMiK tfb4rr6W6zuUObTO5U73y4lcM4gMMUp8YRUL9ibtpaBVaW/eCRBBc/i7sOaVTRCG dKdBRh/XgcNo9a/gBAVYBiu6DeBxpBIHt16fXyoSJ/UzyvXpBO4jWUsmmIlZRw9j t/lcqL0SQRRRUk2ATyZOSYb7pNgv7RstG7JaXRlSsrKK105xPkUOIvpoDoYyfbxU /Nq+t4vokzIYLDFIDZO+LZ5qffqAMJEi+zHCWtqXo5CKiTnwDjUtuDu21v5Pz/wB MQz2gNZfxiOmZoV2mgVwj7Hy471MHKP308pOe3jRfH/L09jwCAh/zFklKvjFA6/+ HfzOgziATtUO6rxWLDMd0FH6C0IINjsUP2EUtrG0ztEHkTg21OPzkHY4H5FUpKUb YekWLEPBsFuWPkQfAIZlzF8cGvFL67MmWMY5C0Kpy71BDfvemC4GpHaZm9Eb7oN2 L8CuaqEWPH6vLDNGMa1NtCCl+nsOKW8U2x6rnimMV/+MaZsoe2Z19kIrP8WtmgJH EhgXBERF1nfrU/4yQWJ6 =XVyZ -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
