The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * dnsmasq: heap-based buffer overflow in sort_rrset when DNSSEC is enabled * dnsmasq: buffer overflow in extract_name due to missing length check when DNSSEC is enabled * dnsmasq: heap-based buffer overflow with large memcpy in get_rdata when DNSSEC is enabled * dnsmasq: loose address/port check in reply_query makes forging replies easier for an off-path attacker * dnsmasq: loose query name check in reply_query makes forging replies easier for an off-path attacker * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker * dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset when DNSSEC is enabled For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.