| Reported on: | 20120618 |
|---|---|
| Published on: | 20120709 |
| Fixed on: | 20121129 |
| Reported by: | David Woodhouse |
|---|---|
| Patched by: | Laine Stump |
The DNS server run on the virtual networks did not restrict what source interfaces it was prepared to answer queries from. It was only supposed to answer queries from guest interfaces, however, it could answer queries from the public interfaces
If the virtual network is configured with a public IP address range, then it would effectively operate as an open DNS server for the world, instead of just the virtual machines.
Do not configure the virtual network with public IP address ranges, or use network router firewall rules to block access to the DNS ports on the virtualization host
| Branch | master |
|---|---|
| Broken in: | v0.4.2 |
| Broken in: | v0.4.4 |
| Broken in: | v0.4.6 |
| Broken in: | v0.5.0 |
| Broken in: | v0.5.1 |
| Broken in: | v0.6.0 |
| Broken in: | v0.6.1 |
| Broken in: | v0.6.2 |
| Broken in: | v0.6.3 |
| Broken in: | v0.6.4 |
| Broken in: | v0.6.5 |
| Broken in: | v0.7.0 |
| Broken in: | v0.7.1 |
| Broken in: | v0.7.2 |
| Broken in: | v0.7.3 |
| Broken in: | v0.7.4 |
| Broken in: | v0.7.5 |
| Broken in: | v0.7.6 |
| Broken in: | v0.7.7 |
| Broken in: | v0.8.0 |
| Broken in: | v0.8.1 |
| Broken in: | v0.8.2 |
| Broken in: | v0.8.3 |
| Broken in: | v0.8.4 |
| Broken in: | v0.8.5 |
| Broken in: | v0.8.6 |
| Broken in: | v0.8.7 |
| Broken in: | v0.8.8 |
| Broken in: | v0.9.0 |
| Broken in: | v0.9.1 |
| Broken in: | v0.9.2 |
| Broken in: | v0.9.3 |
| Broken in: | v0.9.4 |
| Broken in: | v0.9.5 |
| Broken in: | v0.9.6 |
| Broken in: | v0.9.7 |
| Broken in: | v0.9.8 |
| Broken in: | v0.9.9 |
| Broken in: | v0.9.10 |
| Broken in: | v0.9.11 |
| Broken in: | v0.9.12 |
| Broken in: | v0.9.13 |
| Broken in: | v0.10.0 |
| Broken in: | v0.10.1 |
| Broken in: | v0.10.2 |
| Broken in: | v1.0.0 |
| Fixed in: | v1.0.1 |
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Fixed by: | 753ff83a50263d6975f88d6605d4b5ddfcc97560 |
| Branch | v0.8.3-maint |
|---|---|
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Branch | v0.9.6-maint |
|---|---|
| Broken in: | v0.9.6.1 |
| Broken in: | v0.9.6.2 |
| Broken in: | v0.9.6.3 |
| Broken in: | v0.9.6.4 |
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Branch | v0.9.11-maint |
|---|---|
| Broken in: | v0.9.11.1 |
| Broken in: | v0.9.11.2 |
| Broken in: | v0.9.11.3 |
| Broken in: | v0.9.11.4 |
| Broken in: | v0.9.11.5 |
| Broken in: | v0.9.11.6 |
| Broken in: | v0.9.11.7 |
| Fixed in: | v0.9.11.8 |
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Fixed by: | 2abde0ac0740e57c47ed684ce0d56195b977bdb3 |
| Branch | v0.9.12-maint |
|---|---|
| Broken in: | v0.9.12.1 |
| Broken in: | v0.9.12.2 |
| Broken in: | v0.9.12.3 |
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Branch | v0.10.2-maint |
|---|---|
| Broken in: | v0.10.2.1 |
| Fixed in: | v0.10.2.2 |
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |
| Fixed by: | 3fbab08a52fd8cabbf5639c6badd34ceff3e53fe |
| Branch | v1.0.0-maint |
|---|---|
| Broken by: | 038b434f144fa9d24c6e4e9988707ee114973a8a |