new Dnsmasq vulnerability - looking for patch & advice

2 posts / 0 new
Last post
MyOpenMind
MyOpenMind's picture
new Dnsmasq vulnerability - looking for patch & advice

Re:

https://arstechnica.com/information-technology/2017/10/code-execution-fl...

The vulnerability has been patched:

http://svn.dd-wrt.com/ticket/5987

I use Dnsmasq extensively on my R8000.  I've observered some anomolies in recent days, things like HTTPS not working on high-security sites (like banking), my guess is they're cert-pining and my SSL certificate chain-of-trust is invalid.  This wasn't happening a few weeks ago, so something's amiss.  Could be hacked or (??)

Should I go back to OEM firmware until Kong rolls patch into FW update?

I guess what I'm asking is how long can we expect it to take to get patched firmware.  Will it be days, weeks, or months?

Not bagging on Kong, dd-wrt, etc!  You guys are doing excellent work!  Just need advice on what to do here.

Thanks & props to the devs...

 

racingSnail
racingSnail's picture
(+1)

(+1)

I have an R7800 on which I have been running Kong's builds.  I noticed the same article today and am anxious to install an updated build of DD-WRT.  Thank you Kong and other devs for your past and future work on DD-WRT!