{"affected":[{"ecosystem_specific":{"binaries":[{"dnsmasq-utils":"2.71-4.1"}]},"package":{"ecosystem":"SUSE:Cloud Compute Node for SUSE Linux Enterprise 12 5","name":"dnsmasq","purl":"pkg:rpm/suse/dnsmasq&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.71-4.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"The DNS server dnsmasq was updated to fix one security issue and one non-security bug.\n\nThe following vulnerability was fixed:\n\n* CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867)\n\nThe following bug was fixed:\n\n* bsc#923144: When answer to an upstream query is a CNAME pointing to an A/AAAA record which is present locally (/etc/hosts), allow caching when the upstream and local A/AAAA records have the same value.\n","id":"SUSE-SU-2015:0979-2","modified":"2015-04-28T16:45:15Z","published":"2015-04-28T16:45:15Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150979-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/923144"},{"type":"REPORT","url":"https://bugzilla.suse.com/928867"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3294"}],"related":["CVE-2015-3294"],"summary":"Security update for dnsmasq","upstream":["CVE-2015-3294"]}