On 2/10/22 16:12, Seo Suchan wrote:
looks like those dnsmasq exploits aren't real
bugs never looked by human (no commit related by it), but bots confirmed
that thoses look fixed by commit 011f8cf1d011ade2f9e7231fca3cabfb1e8eaf06
https://oss-fuzz.com/revisions?job=afl_asan_dnsmasq&range=202112300601:202201020605
<https://oss-fuzz.com/revisions?job=afl_asan_dnsmasq&range=202112300601:202201020605>
when I read that commit it looks like 2.86 had bug that faild to build
on gcc 4.8 and it caused fuzzer to get immediately crash, producing
bunch of 'exploits'
Thanks for that information. Do you know about some official statement
about this?
I fixed some other problems in OpenWrt 21.02:
* Linux: update to latests minor version
* hostapd: backport the patches
* wolfssl: update to recent version
* tcpdump: backport a patch
* mbedtls: update to new LTS version
* glibc: Update to latest minor version
Hauke
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel