Debian Patches

Status for dnsproxy/1.17+git20211129.22329c4-6

Search:

Patch	Description	Author	Forwarded	Bugs	Origin	Last update
01_fix_listen_udp_port.patch	dnsproxy listen UDP port on all interfaces When dnsproxy starts it listens to a random UDP port on all interfaces. That socket need to be opened, but not always on all interfaces. If someone connects on that port it's possible to send unwanted DNS answers to dnsproxy, these answers can be forwarded to the client, but an attacker needs to know the DNS ID used by the client and the DNS ID used by dnsproxy. . The discussion about this you can find at upstream VCS [1]. . Until this is fixed by upstream, was created two additional configuration parameters: * listen_answer: To user indicate what IP address assign to sock_answer. * port_answer: To user indicate what UDP port assing to sock_answer. If the user does not use these new variables in dnsproxy.conf, the dnsproxy will only work within DNS servers at localhost. An explanation about the use of these new variables was added to dnsproxy.conf. . [1] https://github.com/awaw/dnsproxy/issues/6	Marcos Talau <marcos@talau.info>	yes	debian		2023-09-06
02_update_configure_ac.patch	update configure.ac file This patch remove obsolete autoconf macros, due to this, small parts of the C code were changed. ===================================================================	Marcos Talau <marcos@talau.info>	yes			2022-03-31
03_fix_daemon_chdir.patch	fix the use of chdir in daemon.c ===================================================================	Marcos Talau <marcos@talau.info>	yes			2022-03-31

Showing 1 to 3 of 3 entries

All known versions for source package 'dnsproxy'

1.17+git20211129.22329c4-6 (sid, trixie)
1.17+git20211129.22329c4-5 (bookworm)
1.17+git20211129.22329c4-1~bpo11+1 (bullseye-backports)
1.16-0.1+deb11u1 (bullseye)

Links