| Package | dnsmasq |
|---|---|
| Version | 2.72-3+deb8u6 |
| Related CVEs | CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25687 |
Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.
For Debian 8 jessie, these problems have been fixed in version 2.72-3+deb8u6.
We recommend that you upgrade your dnsmasq packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.