DoH on OpenWRT, Mikrotik and Asus routers: a step-by-step guide from someone who hosts his own resolver
In short, DNS is the last open protocol in your network through which your ISP (and any gentleman in a café on open WiFi) can see where you go. HTTPS has been locked down, SNI is gradually being hidden via ECH, but DNS was plaintext on port 53 and in most home networks still is. DoH (DNS over HTTPS) fixes this, but not on the device: on the router, so you configure it once and forget about all the smartphones, toasters and smart light bulbs. I have been building my own filtering DNS resolver for three months, and in that time I have seen enough other people's configs to write a guide without fluff. I will cover OpenWRT, Mikrotik (RouterOS 7+) and Asus with Merlin, plus the pitfalls I personally stepped into.
https://habr.com/ru/articles/1035612/
#DoH #OpenWRT #Mikrotik #RouterOS #AsuswrtMerlin #dnsmasq #httpsdnsproxy #DNSoverHTTPS #роутер #privacy

Hi, Habr! In short, DNS is the last open protocol in your network through which your ISP (and any gentleman in a café on open WiFi) can see where you go. HTTPS has been locked down, SNI is gradually being hidden...
@openwrt It feels reassuring to see an OpenWRT release a short time after the #dnsmasq security fix with release notes explicitly mentioning said fix.
#pfSense has been running incredibly stable for years on my home router but its update frequency feels questionable to me. I'm going to migrate to OpenWRT. After using it on some actual WiFi gear I am amazed how much OpenWRT has matured! 🤗
Okay, so I’ve been hating on the #Verizon #CR1000A router that was tossed in for free with my #fios internet service. It’s really not THAT bad. From a software standpoint, it’s quite feature rich and powerful being primarily powered by #dnsmasq. It probably uses #Linux. It’s lacking in the hardware department having an anemic CPU but it does have a 10Gbps Ethernet port.
Overall, I’ll regrade it from a C- to somewhere between a B+/A-. I think Verizon probably realized they underpowered it because the next generation CR1000B is better. I think they’re giving the A out to lower end customers like myself with only the 300Mbps service.
Nevertheless it can do QoS, VLANs, and more. 👍
If you use #dnsmasq on @fedora or @centos Stream - be aware that there are recently disclosed CVEs - https://www.kb.cert.org/vuls/id/471747
@SUSE at least rates one of them a 9.2 on the CVSS 4.0 scale
https://www.suse.com/security/cve/CVE-2026-2291.html
Fedora updates for stable releases are about to hit testing: https://bodhi.fedoraproject.org/updates/?search=dnsmasq-2.92rel2
and if you have the #CentOSHyperscale repo enabled you can `sudo dnf install centos-release-hyperscale-testing && sudo dnf update 'dnsmasq*'`
Please give feedback for the Fedora builds and for the Hyperscale ones if you give them a spin!
https://gitlab.com/CentOS/Hyperscale/rpms/dnsmasq/-/work_items/1
As of the time of posting there is no advisory from #RedHat yet
CERT/CC just dropped 6 new CVEs for dnsmasq, many found by AI. These critical memory safety and input validation flaws, including heap overflows, affect everything from home routers to Linux distros. The maintainer called it 'a tsunami of AI-generated bug reports,' highlighting a new era of open-source security challenges and the 'Frankenstein' problem of distro updates. Learn how these…
#cybersecurity #certcc #dnsmasq
🤖 This post was AI-generated.