Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
dnsmasq
dnsmasq-CVE-2023-28450.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File dnsmasq-CVE-2023-28450.patch of Package dnsmasq
--- man/dnsmasq.8.orig +++ man/dnsmasq.8 @@ -169,7 +169,8 @@ to zero completely disables DNS function .TP .B \-P, --edns-packet-max=<size> Specify the largest EDNS.0 UDP packet which is supported by the DNS -forwarder. Defaults to 4096, which is the RFC5625-recommended size. +forwarder. Defaults to 1232, which is the recommended size following the +DNS flag day in 2020. Only increase if you know what you are doing. .TP .B \-Q, --query-port=<query_port> Send outbound DNS queries from, and listen for their replies on, the --- src/config.h.orig +++ src/config.h @@ -19,7 +19,7 @@ #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ #define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ -#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ +#define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet from from /dnsflagday.net/2020 */ #define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor