-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 May 2026 18:37:29 +0200
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-base-dbgsym dnsmasq-base-lua dnsmasq-base-lua-dbgsym dnsmasq-utils dnsmasq-utils-dbgsym
Architecture: source amd64 all
Version: 2.90-4~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Simon Kelley <simon@thekelleys.org.uk>
Changed-By: Sven Geuer <sge@debian.org>
Description:
 dnsmasq    - Small caching DNS proxy and DHCP/TFTP server - system daemon
 dnsmasq-base - Small caching DNS proxy and DHCP/TFTP server - executable
 dnsmasq-base-lua - Small caching DNS proxy and DHCP/TFTP server - executable, Lua-en
 dnsmasq-utils - Utilities for manipulating DHCP leases
Changes:
 dnsmasq (2.90-4~deb12u2) bookworm-security; urgency=high
 .
   * d/p/*:
     - CVE-2026-2291.patch: Fix buffer overflow in struct bigname.
     - CVE-2026-4890.patch: Fix NSEC bitmap parsing infinite loop.
     - CVE-2026-4891.patch: Verify rdlen field in RRSIG packets.
     - CVE-2026-4892.patch: Fix buffer overflow in helper.c with large CLIDs.
     - CVE-2026-4893.patch: Fix broken client subnet validation.
     - CVE-2026-5172.patch: Fix buffer overflow vulnerability in
       extract_addresses().
Checksums-Sha1:
 2f172bd4f2dba14f124dffaee767130601327474 2397 dnsmasq_2.90-4~deb12u2.dsc
 864374a3e573d4997753b34290d50072463570c9 570672 dnsmasq_2.90.orig.tar.xz
 dc4733c034ac77c6bc8dfa058652866f360731a8 34396 dnsmasq_2.90-4~deb12u2.debian.tar.xz
 73f61d87fe0836a87e1628768c9224ece7c90d94 583960 dnsmasq-base-dbgsym_2.90-4~deb12u2_amd64.deb
 08dbe6d78fc98392d2e0804f599917220cb1af61 587640 dnsmasq-base-lua-dbgsym_2.90-4~deb12u2_amd64.deb
 cc6a3f2b5e1cd1ac782834642fb566af7f1e5c07 499732 dnsmasq-base-lua_2.90-4~deb12u2_amd64.deb
 4ab2dc9804cff2657a5b0649260b01389a4c10ba 498052 dnsmasq-base_2.90-4~deb12u2_amd64.deb
 84f2ee32f79b38a32119afc8af82e63e80ab4836 28516 dnsmasq-utils-dbgsym_2.90-4~deb12u2_amd64.deb
 852d2e17a20a8e5e483be9c0fe427153cd9d420d 59528 dnsmasq-utils_2.90-4~deb12u2_amd64.deb
 1b182033651d523d6e5d52149d565bc097a45fb0 66320 dnsmasq_2.90-4~deb12u2_all.deb
 21c0104970eea7b50ac8f0aedd2692b6ee1107bc 9199 dnsmasq_2.90-4~deb12u2_amd64.buildinfo
Checksums-Sha256:
 e962782cd9f298a8c6a92ce6f7434629268f53ddbd9908d40d0bec5f08381c5c 2397 dnsmasq_2.90-4~deb12u2.dsc
 8e50309bd837bfec9649a812e066c09b6988b73d749b7d293c06c57d46a109e4 570672 dnsmasq_2.90.orig.tar.xz
 f30e80854745f495b6c1de09502b50c3a5fb4d078b6e651970bf46220de84648 34396 dnsmasq_2.90-4~deb12u2.debian.tar.xz
 36a51bd884a2f75ee2ab5eb0372067eb9adcf056166995c07a7d24da66a1b276 583960 dnsmasq-base-dbgsym_2.90-4~deb12u2_amd64.deb
 63c47ac5691f5cbbe537917205edf838ebf8cac5eb57422dc31f801810e21c8d 587640 dnsmasq-base-lua-dbgsym_2.90-4~deb12u2_amd64.deb
 73fa9e75715d4dbf558efadfa510ec590eb57dafafecb8e4ef6270e121141933 499732 dnsmasq-base-lua_2.90-4~deb12u2_amd64.deb
 77f56034a23b200c9787d3d9b423030a1e95618f476e011d988daacc19919bc1 498052 dnsmasq-base_2.90-4~deb12u2_amd64.deb
 2109325002cba3d812080ea793ad629eb0b9f2957d719159a25cb8bc82755724 28516 dnsmasq-utils-dbgsym_2.90-4~deb12u2_amd64.deb
 52de8a259324c6d6117c1ff16159ff98c618b1cb47b622502da47743a89ad334 59528 dnsmasq-utils_2.90-4~deb12u2_amd64.deb
 a523f34bca8dc758e7c5cbef96b7fa47a6423e49ceb4b68d7cdccd533c847945 66320 dnsmasq_2.90-4~deb12u2_all.deb
 40c25f50dab88f98345769f49864d7cb14983aa7be1296d8d636ac1953d7b579 9199 dnsmasq_2.90-4~deb12u2_amd64.buildinfo
Files:
 e890cdb66326fb33d3f71d821ca858e6 2397 net optional dnsmasq_2.90-4~deb12u2.dsc
 58b511a118301b8fe4e89f9734957937 570672 net optional dnsmasq_2.90.orig.tar.xz
 c5b17d3c1d8fbf27855b70aa20d7ad37 34396 net optional dnsmasq_2.90-4~deb12u2.debian.tar.xz
 962cd1f3de7e74c31198358d3c83c368 583960 debug optional dnsmasq-base-dbgsym_2.90-4~deb12u2_amd64.deb
 8630c10c8dee8237a1fcb24f798f7202 587640 debug optional dnsmasq-base-lua-dbgsym_2.90-4~deb12u2_amd64.deb
 a4ea086e3ab1edb62e9b3e3297cbf0a0 499732 net optional dnsmasq-base-lua_2.90-4~deb12u2_amd64.deb
 d352037bf3b82bd6a0fa16c953e9b5f2 498052 net optional dnsmasq-base_2.90-4~deb12u2_amd64.deb
 96d533c70a2c178b605cff7650aee62c 28516 debug optional dnsmasq-utils-dbgsym_2.90-4~deb12u2_amd64.deb
 1354ebc3521c987e6ccd7a8a5493811c 59528 net optional dnsmasq-utils_2.90-4~deb12u2_amd64.deb
 490d66e1cdbc19e83d102d001d63b3c8 66320 net optional dnsmasq_2.90-4~deb12u2_all.deb
 54d36bbb3c91669fe6c6186ccb5c33d6 9199 net optional dnsmasq_2.90-4~deb12u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAmn4gFIPHHNnZUBkZWJp
YW4ub3JnAAoJEK31Dtr4rdWFkzIQAIBdooaGnBc8D9gkPKsar24BLzBiF6ytr6Zu
hssOPI1/ChxJFgZIXDMLbQ1gz+BLoF/2AJbqLuRQkQOOhmHZnviCrGevg1OBn3Y6
O6QgPghD1dqlQrAyJyNyurC11F2xxLOhNKpM1+/l4f0SOcMYAiE32vmdPTUmS5sS
WzjD578c2WhHoO9D40pfR74Y1zo+535X7JpQRZL53Y1i6gXTp9jWw6a+6Bgjbd1m
jlCgVSL5SmcdVATSpyU4+dabPtLh+DEdObDcc6zEBBZxpP/qIzgu9BExonQCZQYY
xOrKilrfq+qilz658lEuNguDlyDuMRQTdq8vKczF/3YECOiZgw7KADjztJi8dEqm
/WyqprLfnAvzOXKhW0kUPeIHdLxRJ4wSyB+4R5U2N8wQpH+vbTtI6ZQK3i0OLoe8
FD5jGWYoj3JlFisa5k1ESMgYs1ErLSfferG/Px+YYRbH6QBoIt0sBkccRfRYieQ9
hjxwIWc+U4S7/227tc7RZoiaHli2Icq/mYZDcQ5AQ2jWnYJoSY5Vs0dNT+BZgrwH
59jFV7v1ZdhgD+t/EZqScXnMElZvy3GVopppTxKGY+LeZo717NDz72T8A/Vj9EnQ
/dV/xPa/1yWrlYAPFucEOq7P57kakbaiWUgpqY/z9cP0mZKssAx/dQx1x+gEp7iz
0lX45d9l
=BHT0
-----END PGP SIGNATURE-----