New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[23.05] dnsmasq: version 2.90 #14853
Conversation
@@ -8,13 +8,13 @@ | |||
include $(TOPDIR)/rules.mk | |||
|
|||
PKG_NAME:=dnsmasq | |||
PKG_UPSTREAM_VERSION:=2.89 | |||
PKG_UPSTREAM_VERSION:=2.90 | |||
PKG_VERSION:=$(subst test,~~test,$(subst rc,~rc,$(PKG_UPSTREAM_VERSION))) | |||
PKG_RELEASE:=4 |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
c47d60f
to
d216821
Compare
Thanks @systemcrash I hope I didn't eff it up. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with @schuettecarsten to set PKG_RELEASE to 1
I had to add a newline at the end.
Otherwise it compiled and ran fine on my EA8500, thanks @stangri
For people using dnsmasq-full with dnssec, there is a bug in logging that creates log spam. Fixed upstream by https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=1ed783b8d7343c42910a61f12a8fc6237eb80417 |
@MkQtS @hardfalcon @schuettecarsten @egc112 -- this is a cherry-pick PR, I can include other commits from main branch but I'm not adding anything which was not already merged in main. @dave14305 thank you, if/when the fix is merged into master, I can add another commit to this PR (if it's not merged by then). |
This should go in as an own commit in master. If that gets cherry picked and supersedes this, that's fine. I don't understand why this in itself should take such a long time. |
If the dnsmasq process forks to handle TCP connections, it closes the ubus context. But instead of changing the daemon wide pointer to NULL, only the local variable was adjusted - and this portion of the code was even dropped (dead store) by some optimizing compilers. It makes more sense to change the daemon->ubus pointer because various functions are already checking it for NULL. It is also the behavior which ubus_destroy() implements. Fixes: d8b33da ("dnsmasq: add support for monitoring and modifying dns lookup results via ubus") Signed-off-by: Sven Eckelmann <sven@narfation.org> (cherry picked from commit 711dcb7)
Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387, CVE-2023-50868) among many other goodies and fixes (notably, upstream 568fb024... fixes a UAF in cache_remove_uid that was routinely crashing dnsmasq in my deployment). Catch up our 200-ubus_dns.patch, too. Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com> (cherry picked from commit 838a27f)
d216821
to
853b638
Compare
853b638
I created a PR for the extra patches: #14927 |
There is a new PR that's a continuation of this update. It allows for the full feature set of the new options from Dnsmasq 2.90 to be configurable via uci on OpenWrt: #14975 It adds the options for: and also adds a custom Dnsmasq configuration field via uci that supports any valid Dnsmasq option, so that we don't have to add each feature manually on every update like the ones above, and hopefully makes configurations a little bit easier. If possible, please review the PR #14975 or add a suggestion if you think there is anything that can be improved or needs to be changed. The main post for the PR and the details on how to try out and revert back the files is on the OpenWrt Forum: https://forum.openwrt.org/t/add-dnsmasq-custom-options-field-in-luci-gui/193184/18 |
Bump to 2.90 to get upstream's fix for DNSSEC KeyTrap (CVE-2023-50387, CVE-2023-50868) among many other goodies and fixes (notably, upstream 568fb024... fixes a UAF in cache_remove_uid that was routinely crashing dnsmasq in my deployment).
Catch up our 200-ubus_dns.patch, too.
Signed-off-by: Nathaniel Wesley Filardo nwfilardo@gmail.com
(cherry picked from commit 838a27f)