Ticket #16158 (closed update: fixed)
dnsmasq 2.45 Security update, Portfile update
| Reported by: | davidgilman1+macports@… | Owned by: | ryandesign@… |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 1.6.0 |
| Keywords: | security, dns | Cc: | |
| Port: | dnsmasq |
Description
This patch has a number of fixes: 1) Updating to the latest upstream version of dnsmasq comes with bug fixes and a fix for the dns poisoning attack that's been publicized recently. 2) dnsmasq's pidfile is stored properly in the destroot instead of /var/run/. 3) Changed the hardcoded nawk in the Makefile to awk.
Attachments
Change History
Changed 5 years ago by davidgilman1+macports@…
- Attachment Portfile.2.45.patch added
Changed 5 years ago by davidgilman1+macports@…
- Attachment patch-config.h.diff added
update config.h to store pidfile in destroot
Changed 5 years ago by davidgilman1+macports@…
- Attachment patch-Makefile.diff added
use awk instead of gawk
comment:1 Changed 5 years ago by davidgilman1+macports@…
Ack, disregard that patch-config.h.diff file. It forced the software to look in ${destroot}/etc/resolv.conf for upstream DNS information. The default config of dnsmasq expects that file to be updated by the system as connections are made and new DNS servers are made available, however macos x doesn't know to update macport's resolv.conf.
I'm attaching a new config.h patch that keeps dnsmasq checking the resolv.conf file that is updated by the system as most users would expect the software to do.
Changed 5 years ago by davidgilman1+macports@…
- Attachment patch-config.h.noresolv.diff added
replacement of config.h patch, see comments
comment:2 Changed 5 years ago by ryandesign@…
- Status changed from new to assigned
- Owner changed from macports-tickets@… to ryandesign@…
- Port set to dnsmasq
- Milestone set to Port Updates
patch to update portfile to 2.45