{"affected":[{"ecosystem_specific":{"binaries":[{"dnsmasq":"2.90-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"dnsmasq","purl":"pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.90-1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for dnsmasq fixes the following issues:\n\n- Update to 2.90:\n\n  * CVE-2023-50387, CVE-2023-50868: Fixed a Denial Of Service while trying\n    to validate specially crafted DNSSEC responses (bsc#1219823, bsc#1219826).\n  * Fix reversion in --rev-server introduced in 2.88 which caused\n    breakage if the prefix length is not exactly divisible by 8\n    (IPv4) or 4 (IPv6).\n  * Fix possible SEGV when there server(s) for a particular domain\n    are configured, but no server which is not qualified for a\n    particular domain.\n  * Set the default maximum DNS UDP packet sice to 1232.\n  * Add --no-dhcpv4-interface and --no-dhcpv6-interface for better\n    control over which interfaces are providing DHCP service.\n  * Fix issue with stale caching\n  * Add configurable caching for arbitrary RR-types.\n  * Add --filter-rr option, to filter arbitrary RR-types.\n\n- SLP got dropped, remove config (bsc#1214884)\n","id":"SUSE-SU-2025:20118-1","modified":"2025-02-03T09:22:40Z","published":"2025-02-03T09:22:40Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520118-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214884"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219823"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219826"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-28450"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-50387"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-50868"}],"related":["CVE-2023-28450","CVE-2023-50387","CVE-2023-50868"],"summary":"Security update for dnsmasq","upstream":["CVE-2023-28450","CVE-2023-50387","CVE-2023-50868"]}