[Git][security-tracker-team/security-tracker][master] disassociate various old bogus dnsmasq issues from src:dnsmasq

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 22 14:10:07 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b49da9e6 by Moritz Muehlenhoff at 2025-08-22T15:09:31+02:00
disassociate various old bogus dnsmasq issues from src:dnsmasq

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -321005,40 +321005,33 @@ CVE-2021-45958 (UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer ove
 	NOTE: https://github.com/ultrajson/ultrajson/pull/504
 	NOTE: Fixed by: https://github.com/ultrajson/ultrajson/pull/519
 CVE-2021-45957 (Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-935.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45956 (Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-933.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45955 (Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35898
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-932.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45954 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called  ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35861
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-931.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45953 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called  ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35858
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-929.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45952 (Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35870
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-927.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45951 (Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ...)
-	- dnsmasq <unfixed> (unimportant)
+	NOTE: Non issue, result of poorly automated fuzzing effort
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-924.yaml
-	NOTE: Non issue, result of poorly automated fuzzing effort
 CVE-2021-45950 (LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in ...)
 	- libredwg <itp> (bug #595191)
 CVE-2021-45949 (Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b49da9e6745f7b9761c72b9591def712c8872bd1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b49da9e6745f7b9761c72b9591def712c8872bd1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250822/6429a447/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list