[Librecmc-users] libreCMC v1.5.4 : Security Advisory 2021.01.22

Robert Call (Bob) bob at librecmc.org
Fri Jan 22 15:16:40 EST 2021


Fix. Correct link at the bottom.

libreCMC v1.5.4 : Cache Poisoning and RCE in dnsmasq CVE 2020-2568{1-7}

A critical security issue in dnsmasq that includes the possibility of a
"...DNS cache poisoning attack by an off-path attacker..." [1] affects
libreCMC v1.5.4. At this time, the project has recalled available
images and advises users to use a configuration mitigation until a more
permanent fix is available.

Please read the full advisory at : [2]

[1] DNSpooq :
https://www.jsof-tech.com/wp-content/uploads/2021/01/DNSpooq_Technical-Whitepaper.pdf

[2] Full advisory notice :
https://librecmc.org/fossil/librecmc/wiki?name=sec_advisory_2021_01_22


--
Robert Call (Bob)
bob at librecmc.org
https://librecmc.org




More information about the Librecmc-users mailing list