Actions
Bug #15703
closed
CVE-2023-28450
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
DNS Forwarder
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
All
Affected Architecture:
amd64
Description
Hello, today I just checked with openVAS the pfsense Firewall at home and found the following:
CVE-2023-28450
Severity 7.5 / 10
The host carries the product: cpe:/a:thekelleys:dnsmasq:2.89
It is vulnerable according to: CVE-2023-28450.
The product was found at: /usr/local/sbin/dnsmasq.
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
Is there a way to fix this via Custom Options?
Updated by Jim Pingle 3 months ago
- Status changed from New to Resolved
It's already updated in the repository and will be included in the next release, so there isn't anything else actionable here at the moment.
Actions