Diffusion FreeBSD ports repository 4d78fddbd078

2.93rc1 (6 CVEs)
4d78fddbd078
Actions

Description

dns/dnsmasq-devel: Update 2.93test10 => 2.93rc1 (6 CVEs)

This contains the six security fixed (or variants thereof) recently
appeared in 2.92rel2.

Including privilege escalation, cache poisoning/rediction, information
leak, and denial of service.

See https://www.kb.cert.org/vuls/id/471747
See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

Upstream Git changelog since v2.93test10:

14094e8 2026-05-09 | Fix buffer OOB read in find_soa() (tag: v2.93rc1) [do litli]
c705607 2026-04-06 | Fix problen in from_wire() when names contain escape chars. [Simon Kelley]
9d2c93b 2026-03-30 | Sync 3ea905b98b8756f0652a9626a98384e96bab3a97 with 7cd050075ea73cd7707fce5b70f0fec25f722f67 [Simon Kelley]
073082d 2026-03-30 | Fix buffer overflow vulnerability in extract_addresses() CVE-2026-5172 [Simon Kelley]
9f651f3 2026-03-30 | Updates to a345b075b3b8696a18631b46e53ab654354ed961 following review. [Simon Kelley]
e3a26d0 2026-03-25 | Fix broken client subnet validation. CVE-2026-4893 [Simon Kelley]
10e6b5b 2026-03-25 | Fix buffer overflow in helper.c with large CLIDs. CVE-2026-4892 [Simon Kelley]
788b4e0 2026-03-25 | Verify rdlen field in RRSIG packets. CVE-2026-4891 [Simon Kelley]
7b151eb 2026-03-25 | Fix NSEC bitmap parsing infinite loop. CVE-2026-4890 [Simon Kelley]
014e909 2026-02-12 | Rework storage allocation for domain names. CVE-2026-2291 [Simon Kelley]
29f8712 2026-05-10 | Fix OOB read/write of rr_status. [Simon Kelley]
0450f9e 2026-05-10 | Fix OOB read when parsing DHCPv6 userclass or vendorclass options. [Simon Kelley]
0637bcf 2026-05-09 | Add support for IPV6 when reading ARP/ND table on *BSD. [Sagie D.]
4bcc965 2026-05-04 | Fix memory leak reading ARP cache on *BSD. [Simon Kelley]

PR: 295204
Security: eeb4d69a-4d74-11f1-9a9c-994b98c88011
Security: CVE-2026-2291
Security: CVE-2026-4890
Security: CVE-2026-4891
Security: CVE-2026-4892
Security: CVE-2026-4893
Security: CVE-2026-5172
Sponsored by: UNIS Labs
MFH: 2026Q2

(cherry picked from commit 5f74f30e187f12444e4dae502f1a841d541369a6)