Google Git
Sign in
apache / cloudstack-www / 7105246919edf89bdfe90a5863c8ddf3e5fe32c0 / . / assets / js / e98a0818.c39bcdf9.js
blob: 52f3de15affd39d9c718312219dc034b7fe6223a [file] [log] [blame]
"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[3436],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>y});var n=r(67294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{};t%2?a(Object(r),!0).forEach((function(t){o(e,t,r[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):a(Object(r)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(r,t))}))}return e}function i(e,t){if(null==e)return{};var r,n,o=function(e,t){if(null==e)return{};var r,n,o={},a=Object.keys(e);for(n=0;n<a.length;n++)r=a[n],t.indexOf(r)>=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n<a.length;n++)r=a[n],t.indexOf(r)>=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p="mdxType",d={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=c(r),f=o,y=p["".concat(l,".").concat(f)]||p[f]||d[f]||a;return r?n.createElement(y,s(s({ref:t},u),{},{components:r})):n.createElement(y,s({ref:t},u))}));function y(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,s=new Array(a);s[0]=f;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i[p]="string"==typeof e?e:o,s[1]=i;for(var c=2;c<a;c++)s[c]=r[c];return n.createElement.apply(null,s)}return n.createElement.apply(null,r)}f.displayName="MDXCreateElement"},62459:(e,t,r)=>{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var n=r(87462),o=(r(67294),r(3905));const a={layout:"post",title:"Dnsmasq Vulnerabilities Advisory for CloudStack",tags:["announcement"],slug:"dnsmasq-vulnerabilities-advisory-for-cloudstack"},s=void 0,i={permalink:"/blog/dnsmasq-vulnerabilities-advisory-for-cloudstack",editUrl:"https://github.com/apache/cloudstack-www/tree/main/blog/2017-10-13-dnsmasq-vulnerabilities-advisory-for-cloudstack.md",source:"@site/blog/2017-10-13-dnsmasq-vulnerabilities-advisory-for-cloudstack.md",title:"Dnsmasq Vulnerabilities Advisory for CloudStack",description:"Recently, a number of security flaws were recently found in the DNSMasq tool. This tool is used by many systems to provide DNS and DHCP services, including by the CloudStack System VMs.",date:"2017-10-13T00:00:00.000Z",formattedDate:"October 13, 2017",tags:[{label:"announcement",permalink:"/blog/tags/announcement"}],hasTruncateMarker:!0,authors:[],frontMatter:{layout:"post",title:"Dnsmasq Vulnerabilities Advisory for CloudStack",tags:["announcement"],slug:"dnsmasq-vulnerabilities-advisory-for-cloudstack"},prevItem:{title:"Announcing Apache CloudStack LTS Maintenance Release 4.11.1.0",permalink:"/blog/announcing-apache-cloudstack-lts-maintenance"},nextItem:{title:"Apache CloudStack registerUserKeys authorization vulnerability",permalink:"/blog/apache_cloudstack_registeruserkeys_authorization_vulnerability"}},l={authorsImageUrls:[]},c=[],u={toc:c},p="wrapper";function d(e){let{components:t,...r}=e;return(0,o.kt)(p,(0,n.Z)({},u,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"Recently, a number of security flaws were recently found in the DNSMasq tool. This tool is used by many systems to provide DNS and DHCP services, including by the CloudStack System VMs."),(0,o.kt)("p",null,"According to Google\u2019s investigation into the software, out of seven issues, three \u2014 CVE-2017-14491, CVE-2017-14492, and CVE-2017-14493 \u2014 are remote code execution flaws caused by heap buffer overflow and stack buffer overflow errors through DHCP and DNS vectors."))}d.isMDXComponent=!0}}]);