Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3019 dnsmasq update 5 October 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: dnsmasq Publisher: Debian Operating System: Debian GNU/Linux 8 Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://lists.debian.org/debian-lts-announce/2018/10/msg00004.html - --------------------------BEGIN INCLUDED TEXT-------------------- Package : dnsmasq Version : 2.72-3+deb8u4 Debian Bug : 907887 dnsmasq, a DNS forwarder and DHCP server, ships the DNS Root Zone Key Signing Key (KSK), used as the DNSSEC trust anchor. ICANN will rollover the KSK in 11 October 2018, and DNS resolvers will need the new key (KSK-2017) to continue performing DNSSEC validation. This dnsmasq package update includes the latest key to prevent issues in scenarios where dnsmasq runs with DNSSEC enabled and it is using the trusted anchors file shipped with the package. Please note this is not the default configuration in Debian. For Debian 8 "Jessie", this problem has been fixed in version 2.72-3+deb8u4. We recommend that you upgrade your dnsmasq packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEwUqnBPVvaa0NAVzHFX/a4RXx4q0FAlu12HEACgkQFX/a4RXx 4q0ExRAAlv6CkQj6ANLlpU7znsHVhCZ4AE6bij46RgxOthLg75SzZbroPzbY/MlH HUgTHmyrLNVlAn7Bm/7uwi+GIkGMBaELChMlcpClQQSCZjYeASU+PpZZbr5wGSA1 E6CQo2yqAvn2oVrUtULwqwELeiTSigK9hAK8KvNEQ3ggP/GdVO1iueXDJMj5srG/ yIKTCyOYWs4LQCfhE9W7x8CXkHqfpwTDgNVrYs1Mm8Hx0WRkBf8TMY7aQuqm8Dxr YdpH0RqszKmQCeurfEr3fe3qNBnlVCtts93U3KWGrvah7b6w2m+l3nCY/29Zv8J4 QVSTUswsniYG/FTQhuIyC5YGe/UsCAzqkEW+S61JGnjG8OSvWIPDSZ82d4vXdeFe +NrRegc6qP66BxIGHM27JgTIqlvH/HaJd44kEEMpP4gxtlhCILFt/M7/RA5WPDaM rg4NDYm6W1Td6H3+QiJRK0CHaVNRYLQ3y4BaAQhhQUTp0TNV5nU02L8x1Rkq9Lul HDXBiK6f1cA/X9LPWBx2Z0VUV8VzCV7jSuvShhXJn7ojZnsAlNmZ0rBdvxWjim1U kuHyZzIxPgg5tSF9nOXK4zU1mWurphNTmHJnSGTl/R7cYP0IkbOgYeZLB0GHLNBR EpWcIkk05+dIOy4h8RuaxDBHvqv9vu2FuBxap2ZgQ7kOJwzqHA0= =x9lS - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW7bvkGaOgq3Tt24GAQhn7xAAyJ99CMT2g2jR9SYNDR3mSGtQzHWivgIx 3XuywLaSL95mA3V1Kj2TOwSAvAWTMytVTYcjAcox5P1ayoYnNfEedtb8UZTCMIYp GzI5TrtyRBRmM7E4bx4gLJVyVKs4+obDu99a4L/B7McHtZfxFi7wyhrMWWjefDkK Q6Y8AG8eP5gVTpm0moqoSi5iVqGsRpkajxntVMwm9WP8JNdKxRwtm/MW6mfotV+g KzKX2RhX6EcVh3uzwPFCqPHVqRfkqINXs8XPr4W/dqgSIaXBAXekgg9ge39M0qAL IOxEqVPFHZLyMux2MGikhH6Colp5ddS5z2fDigf5Czo3s2Ne9cz5TgprUS5dKORy iYhYCMpzJN7ft7uvcDAT5/tEB9AbqUZUPlep/7d0WQDpstiUDLQEc/UqekRzE+uH MOWf9yMt3x80TVs9W5ajtLUMUC89b30CrmtfHncIzwowibKw3SjVryt01uj0JE9y ezELF7x33eWol2UTZ4hUZpFBxWZuzlGGMmyzzWTHyP68Ru5NjvrbJxtFAbz+wBiu e5VtM2GeAeYSZrri7kaWMFZadBQlz+sKGHtti3f46+ykcVRvZ4MBEjNhe+jn1yH0 +GUkgk2LwH9vXqP5oDYk467CpuxU96HiCq6LRIRU6vmvFoKXEguEs8GQxyVmN84G O/g8WXhFyHg= =yCdV -----END PGP SIGNATURE-----