Debian Patches

Status for dnsproxy/1.17+git20211129.22329c4-5

Patch Description Author Forwarded Bugs Origin Last update
01_fix_listen_udp_port.patch dnsproxy listen UDP port on all interfaces When dnsproxy starts it listens to a random UDP port on all interfaces.
That socket need to be opened, but not always on all interfaces.
If someone connects on that port it's possible to send unwanted DNS
answers to dnsproxy, these answers can be forwarded to the client, but
an attacker needs to know the DNS ID used by the client and the DNS ID
used by dnsproxy.
.
The discussion about this you can find at upstream VCS [1].
.
Until this is fixed by upstream, was created two additional configuration
parameters:
* listen_answer: To user indicate what IP address assign to sock_answer.
* port_answer: To user indicate what UDP port assing to sock_answer.
If the user does not use these new variables in dnsproxy.conf, the dnsproxy
will only work within DNS servers at localhost. An explanation about the use
of these new variables was added to dnsproxy.conf.
.
[1] https://github.com/awaw/dnsproxy/issues/6
Marcos Talau <marcos@talau.info> no debian 2021-12-03
02_update_configure_ac.patch update configure.ac file This patch remove obsolete autoconf macros, due to this, small parts
of the C code were changed.

===================================================================
Marcos Talau <marcos@talau.info> yes 2022-03-31
03_fix_daemon_chdir.patch fix the use of chdir in daemon.c
===================================================================
Marcos Talau <marcos@talau.info> yes 2022-03-31

All known versions for source package 'dnsproxy'

Links