Re: OpenWrt 21.02 and 19.07 minor release

Mon, 14 Feb 2022 20:35:46 -0800

I just noticed 19.07 still looks at dnsmasq 2.80: which was effeced by series of vulnerablity CVE-2020-25681 <https://www.cvedetails.com/cve/CVE-2020-25681/> ~25685 and need to bumped at least to 2.85 like 21.02 as CVE-2021-3448 <https://www.cvedetails.com/cve/CVE-2021-3448/> is fixed by 2.85rc1 - would just copying 21.02's dnsmasq makefiles (and patches) be enough to fix this? 

2022-02-13 오전 9:26에 Hauke Mehrtens 이(가) 쓴 글:



Thanks for that information. Do you know about some official statement 
about this?


I fixed some other problems in OpenWrt 21.02:
* Linux: update to latests minor version
* hostapd: backport the patches
* wolfssl: update to recent version
* tcpdump: backport a patch
* mbedtls: update to new LTS version
* glibc: Update to latest minor version

Hauke

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel


_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel






















					Reply via email to