oss-sec mailing list archives

Re: Questionable CVE's reported against dnsmasq

From: Sebastian Pipping <sebastian () pipping org>
Date: Fri, 31 Oct 2025 15:08:39 +0100

On 10/31/25 11:06, Petr Menšík wrote:

Yes, we donot backport medium or low CVEs always, especially if fixing them inolder versions is complicated and requires non-trivial rewriting.


I'd be curious how many users are actually aware of that.
I have a related blog post…

  How much security is in long-term support (LTS)?

https://blog.hartwork.org/posts/how-much-security-is-in-long-term-support/


…from March 2025 with examples.

Current thread:

Re: Questionable CVE's reported against dnsmasq, (continued)
- Re: Questionable CVE's reported against dnsmasq Jeremy Stanley (Oct 27)
  - Re: Questionable CVE's reported against dnsmasq Andrew Latham (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Sebastian Pipping (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Stuart Henderson (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Sebastian Pipping (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Matthew Fernandez (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Eli Schwartz (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Stuart Henderson (Oct 28)
    - Re: Questionable CVE's reported against dnsmasq Salvatore Bonaccorso (Oct 29)
    - Re: Questionable CVE's reported against dnsmasq Petr Menšík (Oct 31)
    - Re: Questionable CVE's reported against dnsmasq Sebastian Pipping (Oct 31)
  - Re: Questionable CVE's reported against dnsmasq Jeffrey Walton (Oct 27)
- Re: Questionable CVE's reported against dnsmasq Moritz Mühlenhoff (Oct 27)
  - Re: Questionable CVE's reported against dnsmasq Collin Funk (Oct 27)
  - Re: Questionable CVE's reported against dnsmasq Michael Orlitzky (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Hank Leininger (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Solar Designer (Oct 27)
    - Re: Questionable CVE's reported against dnsmasq Douglas Bagnall (Oct 29)
    - Re: Questionable CVE's reported against dnsmasq Art Manion (Oct 31)
    - Re: Questionable CVE's reported against dnsmasq Solar Designer (Oct 31)
    - Re: Questionable CVE's reported against dnsmasq Art Manion (Nov 01)

(Thread continues...)