Re: dnsmasq 2.92rel2

On 2026/05/12 20:38, Klemens Nanni wrote: > 12.05.2026 14:36, Stuart Henderson пишет: > > https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html > > > > Fix buffer overflow in struct bigname. CVE-2026-2291 > > Fix NSEC bitmap parsing infinite loop. CVE-2026-4890 > > Verify rdlen field in RRSIG packets. CVE-2026-4891 > > Fix buffer overflow in helper.c with large CLIDs. CVE-2026-4892 > > Fix broken client subnet validation. CVE-2026-4893 > > Fix buffer overflow vulnerability in extract_addresses() CVE-2026-5172 > > > > ok? > > OK kn > > > > > Index: Makefile > > =================================================================== > > RCS file: /cvs/ports/net/dnsmasq/Makefile,v > > diff -u -p -r1.71 Makefile > > --- Makefile 9 Feb 2026 18:10:36 -0000 1.71 > > +++ Makefile 12 May 2026 11:34:08 -0000 > > @@ -1,6 +1,7 @@ > > COMMENT= lightweight caching DNS forwarder, DHCP and TFTP server > > > > -DISTNAME= dnsmasq-2.92 > > +DISTNAME= dnsmasq-2.92rel2 > > +PKGNAME= ${DISTNAME:S/rel/pl/} > > Looks like even "rel" would work, but I do prefer "pl" as well: > > $ pkg_check-version -v dnsmasq-2.92{,rel2} > dnsmasq-2.92 has no issues > dnsmasq-2.92rel2 has no issues > dnsmasq-*- sorts as (older to newer): dnsmasq-2.92 dnsmasq-2.92rel2 It would up to rel9, but then fail to sort as expected. pl is handled by packages-specs(7), I'd prefer to stick with that even if there's unlikely to be a rel10 in this case to avoid giving a bad example.