From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id WKnQCofACGBpPwAA0tVLHw (envelope-from ) for ; Wed, 20 Jan 2021 23:45:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id YHCXBofACGBHfQAAbx9fmQ (envelope-from ) for ; Wed, 20 Jan 2021 23:45:11 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9AEE39402A2 for ; Wed, 20 Jan 2021 23:45:10 +0000 (UTC) Received: from localhost ([::1]:39482 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l2N9x-00075j-GC for larch@yhetil.org; Wed, 20 Jan 2021 18:45:09 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:40004) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2N9q-00075a-HK for guix-patches@gnu.org; Wed, 20 Jan 2021 18:45:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:44907) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1l2N9q-0004iE-9q for guix-patches@gnu.org; Wed, 20 Jan 2021 18:45:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1l2N9q-0005iP-7H for guix-patches@gnu.org; Wed, 20 Jan 2021 18:45:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#46010] [PATCH] gnu: dnsmasq: Update to 2.83 [security fixes]. Resent-From: Pierre Langlois Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 20 Jan 2021 23:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 46010 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 46010@debbugs.gnu.org X-Debbugs-Original-To: Guix-patches Received: via spool by submit@debbugs.gnu.org id=B.161118628221925 (code B ref -1); Wed, 20 Jan 2021 23:45:02 +0000 Received: (at submit) by debbugs.gnu.org; 20 Jan 2021 23:44:42 +0000 Received: from localhost ([127.0.0.1]:56453 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l2N9Q-0005hS-Fu for submit@debbugs.gnu.org; Wed, 20 Jan 2021 18:44:42 -0500 Received: from lists.gnu.org ([209.51.188.17]:33628) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l2N9O-0005hK-2J for submit@debbugs.gnu.org; Wed, 20 Jan 2021 18:44:34 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:39954) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2N9N-00073c-RG for guix-patches@gnu.org; Wed, 20 Jan 2021 18:44:33 -0500 Received: from mout.gmx.net ([212.227.17.22]:46927) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2N9G-0004SG-KT for guix-patches@gnu.org; Wed, 20 Jan 2021 18:44:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1611186263; bh=gERO7qK5Be5yrkbO6cXRXSMuEikkjF7+BJwlpPv2dFk=; h=X-UI-Sender-Class:From:To:Subject:Date; b=LSlyVOLqKDoVmt0BySD63MMRxPh2HddXUVegbvnPcoTSCE8qhMglgLWiTJPjVifI1 YWwM5ZmoWII3e0thnLDu5l0ISNox8LQUn28ZBun4R1iH2LMcdFA+yPTEM6YSxej2kE aUif6qGYjIK6OLNprrw1VpB3feux9cc/c5bSPVf0= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.com (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MyKHc-1lwIDS3UIW-00yl6r for ; Thu, 21 Jan 2021 00:44:22 +0100 User-agent: mu4e 1.4.14; emacs 27.1 From: Pierre Langlois Date: Wed, 20 Jan 2021 23:44:21 +0000 Message-ID: <87pn1zfa22.fsf@gmx.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Provags-ID: V03:K1:XWOvHa/jOTAeZvmW/sYYMuTRTrfe/4iHWAPS8fZgICMsbewvf60 JZRHOZZvVEydRBsKYln5ZGQTVCFvautma4+1aem+rMIhzs2yh7tMvgWA3AG8SyQOWM/G+ZT V2Yidr6AM+h434dfHPR/qGhfeUtGVQOjvVbBZkZOLOm5qipburkyN7/PyqEKZzjExV3U9aj GYXWFul3YRs2B8G/J/vQg== X-UI-Out-Filterresults: notjunk:1;V03:K0:99R1VLTjSdU=:6o7Mr8SHQZKuL7n6q38Ohd OqHHQ9bZwsvMGqtPYdmOfv5S0teBEeXxCv0fL/2nq6+Xrao1PWXJ0q4EpCnKvNfgj6jSMe8gg HsgRAP3jITuPV137pZrDtCHn5eelp8ieMdxaGwgbvF9VSCFHuejhTRH3ZRNHwBdZj8REAEPme 5JAXcnJ6GBPxviS/8Pp8PYnzti/XUIP/T8aiIDVMU0h48HcHNFcbCmv6jW1SJfHsqNcc3BRLD 2mD3ai3RwKo3azfFGs+nGekd7WENv1nRUfDdYLFl6uZaYenbI6YcqvHJAnRy/OIHMTShzBRFF EKP5ONPv9CgT0Fagqx31QG8R4nqWkFUjBnKqap8r4ftBgBPIi86kePCGCUGw2aJ0b8iQlBE2g OnKrNyMjos67zT+UC/qDNvye6u5+y+xNPKoe9OMQMRzyCwQI6MoJVAuDCeH6pV6F5nrc9qEWG n1uWae0IofzVFIE7PLgwFRJPU/tfjh2eo3kXYxww+ai7Za4oHiVJubMoWwuAVJDZYT/NOCJHS GZsG0lEDf8EwYmDs8uPUsv/BAvbudOxbK2sXVaCtuhchtp8ZrnmpxcIV5+bfCmoRMJ6si+JJu EpOwysPgQ4Vrg4VLQ4356FvPOJNf4E0NqNtiVnVMbf/+d+CpL1daKz9OKjJpAB7ExBwB8XFyQ y12jP0suwmBg7ve6a0ziNUReEG/JXZKNkv2svJt6+WK8jOcliSP+8SLTAlbGqUAC8hSGdMsMl UDr2i1mIahddgWcHYP9+dptFi5M03T/sKPDR7SmEGz2MfZ+IS/4EYP1xH7AmDFdjDENK8n4MP MmG3L+LeM2+EIiFZML7zYdVV++vujc28kP6OZUUoqWVzmVTV5a/os5RVLo5zDP8pmAOLjd66n C2QanHNCpTISTm6lZqug== Received-SPF: pass client-ip=212.227.17.22; envelope-from=pierre.langlois@gmx.com; helo=mout.gmx.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -3.35 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmx.net header.s=badeba3b8450 header.b=LSlyVOLq; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmx.com (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 9AEE39402A2 X-Spam-Score: -3.35 X-Migadu-Scanner: scn1.migadu.com X-TUID: T4F0LdzqwaII --=-=-= Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" --==-=-= Content-Type: text/plain Hi Guix! There was a security advisory on dnsmasq recently [0], so here's a patch to address those by updating to the latest release. I thought I'd post the patch on here first just in case it's already in someone's pipeline, in which case I can drop it. If not I can push this shortly, I assume it's not controversial :-). Thanks! Pierre [0]: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014599.html --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmAIwFUYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31U27UIALBjaKCeIymuHzOqtxtRsIzU bZNuNlBNp2J831gmz0IAaCph7RMrk3EWCpiihhWPU09P1VVfMVFjAoeQpsy76rAL 8dNyFkW1Jcr2vRrTXAEwhnUrTBQmQZuMFXAqQB+eg6f/Ye8eBHjhfAVbfBfo5ObC K3W9XuLs8eQpB3wsHvZFut4Qf7ORK8bfrmU4rgpYbF+2G4Vdvq++mR3DEKEsBBP3 O2rdJStIwqxWyBTUwlMtwdeLGDtDh8ffgfSaTHVDb2/woj/zxIYH9oZoIP+pL3v6 0EkVgfzf4ibbZjoV4TXXJeQCCrrRpmWBmj1SUt5mtLhVtxcxBdwIOPDKz12kerg= =ybbP -----END PGP SIGNATURE----- --==-=-=-- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-gnu-dnsmasq-Update-to-2.83-security-fixes.patch Content-Transfer-Encoding: quoted-printable >From 319503d962de459aa6a357c3efd183d04f3bff6b Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Wed, 20 Jan 2021 23:35:49 +0000 Subject: [PATCH] gnu: dnsmasq: Update to 2.83 [security fixes]. Includes fixes for CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687. * gnu/packages/dns.scm (dnsmasq): Update to 2.83. --- gnu/packages/dns.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index 5bb725ae92..a1ed730f62 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -13,7 +13,7 @@ ;;; Copyright =C2=A9 2019 Mathieu Othacehe ;;; Copyright =C2=A9 2019 Chris Marusich ;;; Copyright =C2=A9 2019 Rutger Helling -;;; Copyright =C2=A9 2020 Pierre Langlois +;;; Copyright =C2=A9 2020, 2021 Pierre Langlois ;;; Copyright =C2=A9 2020 Arun Isaac ;;; Copyright =C2=A9 2020 Leo Famulari ;;; Copyright =C2=A9 2020 Brice Waegeneire @@ -277,7 +277,7 @@ prompt the user with the option to go with insecure DNS= only.") (define-public dnsmasq (package (name "dnsmasq") - (version "2.82") + (version "2.83") (source (origin (method url-fetch) (uri (string-append @@ -285,7 +285,7 @@ prompt the user with the option to go with insecure DNS= only.") version ".tar.xz")) (sha256 (base32 - "0cn1xd1s6xs78jmrmwjnh9m6w3q38pk6dyqy2phvasqiyd33cll4")))) + "1sjamz1v588qf35m8z6wcqkjk5w12bqhj7d7p48dj8jyn3lgghgz")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) --=20 2.30.0 --=-=-=--