Red Hat Product Errata RHSA-2024:4052 - Security Advisory
Issued:
2024-06-23
Updated:
2024-06-23

RHSA-2024:4052 - Security Advisory

Synopsis

Moderate: dnsmasq security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for dnsmasq is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

  • dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 (CVE-2023-28450)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2178948 - CVE-2023-28450 dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
x86_64
dnsmasq-2.85-6.el9_2.4.x86_64.rpm SHA-256: 910975f26a67326b24159d43848189e9a30de30c469a437e251b4fea7e9d7ef2
dnsmasq-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 1d04f8ad413d47683277bfc605a25380da87d6e85b398c98104c71221da43bbb
dnsmasq-debugsource-2.85-6.el9_2.4.x86_64.rpm SHA-256: d7ccae9e2c869ab7a155378cd09a0369fc09480460c2f6fb289f2a3a9a4d4736
dnsmasq-utils-2.85-6.el9_2.4.x86_64.rpm SHA-256: 010d5fad4c2fc454c26d071225e35699f5020dcd9f3f4ba96e79a89b6b98cf87
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 6cfdaacb2dc30ede1f0f907d4a17e5ecff99d1499e2f2ccd2f4b635a6485e4aa

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
x86_64
dnsmasq-2.85-6.el9_2.4.x86_64.rpm SHA-256: 910975f26a67326b24159d43848189e9a30de30c469a437e251b4fea7e9d7ef2
dnsmasq-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 1d04f8ad413d47683277bfc605a25380da87d6e85b398c98104c71221da43bbb
dnsmasq-debugsource-2.85-6.el9_2.4.x86_64.rpm SHA-256: d7ccae9e2c869ab7a155378cd09a0369fc09480460c2f6fb289f2a3a9a4d4736
dnsmasq-utils-2.85-6.el9_2.4.x86_64.rpm SHA-256: 010d5fad4c2fc454c26d071225e35699f5020dcd9f3f4ba96e79a89b6b98cf87
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 6cfdaacb2dc30ede1f0f907d4a17e5ecff99d1499e2f2ccd2f4b635a6485e4aa

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
s390x
dnsmasq-2.85-6.el9_2.4.s390x.rpm SHA-256: fc4113e79de2ebecdb7fb76cbd94b62e1f5c940316d10a4e986cb4d9a446ee5f
dnsmasq-debuginfo-2.85-6.el9_2.4.s390x.rpm SHA-256: 22acc102ef96e6d7a086607a0e9ca727de0902af11238e8def1b8ca2c8658f9e
dnsmasq-debugsource-2.85-6.el9_2.4.s390x.rpm SHA-256: 0f27d381026f3af0659b0c765938113a52fc7b4b6f7d13919d3e5fd59d96f0ed
dnsmasq-utils-2.85-6.el9_2.4.s390x.rpm SHA-256: 7a8164331c8e745c43e1e58e74b15a9bb8f8ca2faf5b70770ad331cbcfbbc7c5
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.s390x.rpm SHA-256: 519115732453be8caa08c4137ea11f005756a0a271f95224e703f744eefa7868

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
ppc64le
dnsmasq-2.85-6.el9_2.4.ppc64le.rpm SHA-256: c1292580527acd5e01732098b652e4b29f74329134e5d7be627bf6d703c57b7c
dnsmasq-debuginfo-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 6f4c80436a7a347f9ec7b86bd12a42cf30040da401e32ffcb0e4f40d631ef94b
dnsmasq-debugsource-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 684d6502e714da30bd273fb11b723b6d4ad720bba4df1e1d6eec8225523a5e58
dnsmasq-utils-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 0bbb8e46541d70c6014f4a67e8f52f5e9a0a7aad7477f3b751d8e1a1d2d0ced3
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 2d43f8c2fb7ac0bfd80a71acfdcf64600fa4b93e3ec9e10b9b75e1eac9b1fa74

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
aarch64
dnsmasq-2.85-6.el9_2.4.aarch64.rpm SHA-256: f44fb4c0ff01967591c429f4ee044bf37f2e2fb19d0d6b6fffb113e2ceb941fe
dnsmasq-debuginfo-2.85-6.el9_2.4.aarch64.rpm SHA-256: 145e7306f8e1572aebf4837cafda450afc746c8d865adf8cf04bbbbe2f8d9fcc
dnsmasq-debugsource-2.85-6.el9_2.4.aarch64.rpm SHA-256: a8d75b2709bbf716d357702853e9c307906ce7795acbcb4ec6e15515c52f8d1a
dnsmasq-utils-2.85-6.el9_2.4.aarch64.rpm SHA-256: 5ed44ee13f62e548891122af2a405ecfd17fc63ca1d7eb7115c442443cf66efd
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.aarch64.rpm SHA-256: f47e85554613587f4e8f1d88b8024f8a8f16c9ae82530ee46456c49afc8c73c0

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
ppc64le
dnsmasq-2.85-6.el9_2.4.ppc64le.rpm SHA-256: c1292580527acd5e01732098b652e4b29f74329134e5d7be627bf6d703c57b7c
dnsmasq-debuginfo-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 6f4c80436a7a347f9ec7b86bd12a42cf30040da401e32ffcb0e4f40d631ef94b
dnsmasq-debugsource-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 684d6502e714da30bd273fb11b723b6d4ad720bba4df1e1d6eec8225523a5e58
dnsmasq-utils-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 0bbb8e46541d70c6014f4a67e8f52f5e9a0a7aad7477f3b751d8e1a1d2d0ced3
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.ppc64le.rpm SHA-256: 2d43f8c2fb7ac0bfd80a71acfdcf64600fa4b93e3ec9e10b9b75e1eac9b1fa74

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
x86_64
dnsmasq-2.85-6.el9_2.4.x86_64.rpm SHA-256: 910975f26a67326b24159d43848189e9a30de30c469a437e251b4fea7e9d7ef2
dnsmasq-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 1d04f8ad413d47683277bfc605a25380da87d6e85b398c98104c71221da43bbb
dnsmasq-debugsource-2.85-6.el9_2.4.x86_64.rpm SHA-256: d7ccae9e2c869ab7a155378cd09a0369fc09480460c2f6fb289f2a3a9a4d4736
dnsmasq-utils-2.85-6.el9_2.4.x86_64.rpm SHA-256: 010d5fad4c2fc454c26d071225e35699f5020dcd9f3f4ba96e79a89b6b98cf87
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.x86_64.rpm SHA-256: 6cfdaacb2dc30ede1f0f907d4a17e5ecff99d1499e2f2ccd2f4b635a6485e4aa

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
aarch64
dnsmasq-2.85-6.el9_2.4.aarch64.rpm SHA-256: f44fb4c0ff01967591c429f4ee044bf37f2e2fb19d0d6b6fffb113e2ceb941fe
dnsmasq-debuginfo-2.85-6.el9_2.4.aarch64.rpm SHA-256: 145e7306f8e1572aebf4837cafda450afc746c8d865adf8cf04bbbbe2f8d9fcc
dnsmasq-debugsource-2.85-6.el9_2.4.aarch64.rpm SHA-256: a8d75b2709bbf716d357702853e9c307906ce7795acbcb4ec6e15515c52f8d1a
dnsmasq-utils-2.85-6.el9_2.4.aarch64.rpm SHA-256: 5ed44ee13f62e548891122af2a405ecfd17fc63ca1d7eb7115c442443cf66efd
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.aarch64.rpm SHA-256: f47e85554613587f4e8f1d88b8024f8a8f16c9ae82530ee46456c49afc8c73c0

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
dnsmasq-2.85-6.el9_2.4.src.rpm SHA-256: cee2360bd2175889b608a72c71f2863c555b9cabc202bfe08e8e644019ecad3a
s390x
dnsmasq-2.85-6.el9_2.4.s390x.rpm SHA-256: fc4113e79de2ebecdb7fb76cbd94b62e1f5c940316d10a4e986cb4d9a446ee5f
dnsmasq-debuginfo-2.85-6.el9_2.4.s390x.rpm SHA-256: 22acc102ef96e6d7a086607a0e9ca727de0902af11238e8def1b8ca2c8658f9e
dnsmasq-debugsource-2.85-6.el9_2.4.s390x.rpm SHA-256: 0f27d381026f3af0659b0c765938113a52fc7b4b6f7d13919d3e5fd59d96f0ed
dnsmasq-utils-2.85-6.el9_2.4.s390x.rpm SHA-256: 7a8164331c8e745c43e1e58e74b15a9bb8f8ca2faf5b70770ad331cbcfbbc7c5
dnsmasq-utils-debuginfo-2.85-6.el9_2.4.s390x.rpm SHA-256: 519115732453be8caa08c4137ea11f005756a0a271f95224e703f744eefa7868

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.