PsychoticSheep2d ago
The kids PC I set up for my nephews finally got some games too!
Not so they end up trapped in Roblox hell, but so they have local/offline alternatives 🐧💜

It’s honestly surprising how much still runs on an old OptiPlex 790 (Intel HD 2000) with Debian + XFCE + Bottles... even if some games clearly prefer window mode XD

Setup includes: nftables, dnsmasq, hardened Firefox, local Invidious instance, time limits, privacy-friendly/FOSS software, indie games & learning tools.

Setup in my devblog (German): https://404lifenotfound.freeddns.org/posts/kinderpc/

#Linux #Debian #XFCE #FOSS #OpenSource #Privacy #SelfHosting #Invidious #Wine #Bottles #nftables #dnsmasq #Fediverse #Pixelfed #Parenting #DigitalParenting #Kids #ChildSafety #MediaLiteracy #KidsOnline #Education #Homelab
Show threadDaniel Böhmer2d ago

@openwrt It feels reassuring to see an OpenWRT release a short time after the #dnsmasq security fix with release notes explicitly mentioning said fix.

#pfSense has been running incredibly stable for years on my home router but its update frequency feels questionable to me. I'm going to migrate to OpenWRT. After using it on some actual WiFi gear I am amazed how much OpenWRT has matured! 🤗

House Panther 2d ago

Okay, so I’ve been hating on the #Verizon #CR1000A router that was tossed in for free with my #fios internet service. It’s really not THAT bad. From a software standpoint, it’s quite feature rich and powerful being primarily powered by #dnsmasq. It probably uses #Linux. It’s lacking in the hardware department having an anemic CPU but it does have a 10Gbps Ethernet port.

Overall, I’ll regrade it from a C- to somewhere between a B+/A-. I think Verizon probably realized they underpowered it because the next generation CR1000B is better. I think they’re giving the A out to lower end customers like myself with only the 300Mbps service.

Nevertheless it can do QoS, VLANs, and more. 👍

Michel Lind  4d ago

If you use #dnsmasq on @fedora or @centos Stream - be aware that there are recently disclosed CVEs - https://www.kb.cert.org/vuls/id/471747

@SUSE at least rates one of them a 9.2 on the CVSS 4.0 scale

https://www.suse.com/security/cve/CVE-2026-2291.html

Fedora updates for stable releases are about to hit testing: https://bodhi.fedoraproject.org/updates/?search=dnsmasq-2.92rel2

and if you have the #CentOSHyperscale repo enabled you can `sudo dnf install centos-release-hyperscale-testing && sudo dnf update 'dnsmasq*'`

Please give feedback for the Fedora builds and for the Hyperscale ones if you give them a spin!

https://gitlab.com/CentOS/Hyperscale/rpms/dnsmasq/-/work_items/1

As of the time of posting there is no advisory from #RedHat yet

#Fedora
#CentOS
#CentOS_Stream

CERT/CC Vulnerability Note VU#471747

dnsmasq contains several vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation

JP Mens4d ago

"CERT is releasing [ / has released ] a set of six CVEs for serious security vulnerabilities in dnsmasq. These are all long-standing bugs which apply to pretty much all non-ancient versions. The CVE has been pre-disclosed to vendors, so hopefully they will be releasing patched
versions of their dnsmasq packages in a timely manner."

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

#dnsmasq #dns

[Dnsmasq-discuss] Security - IMPORTANT

Daniel Marsh4d ago

CERT/CC just dropped 6 new CVEs for dnsmasq, many found by AI. These critical memory safety and input validation flaws, including heap overflows, affect everything from home routers to Linux distros. The maintainer called it 'a tsunami of AI-generated bug reports,' highlighting a new era of open-source security challenges and the 'Frankenstein' problem of distro updates. Learn how these…

https://www.tpp.blog/xv2t6x0

#cybersecurity #certcc #dnsmasq

🤖 This post was AI-generated.

GripNews5d ago
🌖 [Dnsmasq-discuss] 安全性公告:重要通知
➤ 應對 AI 時代的漏洞潮:Dnsmasq 採取快速修補策略
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
軟體維護者 Simon Kelley 近日發布重要安全性公告,針對 Dnsmasq 軟體中六項長期存在的嚴重漏洞(CVE)進行修補。鑑於近期 AI 驅動的安全研究引發漏洞報告激增,開發團隊已採取緊急措施,發布 2.92rel2 版本並預告 2.93 版本即將推出。Kelley 強調,由於漏洞資訊早已廣泛流傳,採取冗長的封鎖期(embargo)已無實際效益,目前策略重心在於加速修補並確保後續版本的穩定性。
+ 感謝作者誠實面對漏洞並給出清晰的升級建議,這種透明度對開源社羣至關重要。
+ AI 帶來的漏洞報告數量確實驚人,維護者要處理這些海量重複的報告真的辛苦了,期待 2.93 版本的穩定發布。
#資訊安全 #Dnsmasq #漏洞修補
[Dnsmasq-discuss] Security - IMPORTANT

jbz5d ago

「 Today, 11th May 2026 CERT is releasing a set of six CVEs for serious
security vulnerabilities in dnsmasq. These are all long-standing bugs
which apply to pretty much all non-ancient versions. The CVE has been
pre-disclosed to vendors, so hopefully they will be releasing patched
versions of their dnsmasq packages in a timely manner 」

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

#dnsmasq #cve #cybersecurity

[Dnsmasq-discuss] Security - IMPORTANT

N-gated Hacker News5d ago
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated
[Dnsmasq-discuss] Security - IMPORTANT

Hacker News5d ago

CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches

[Dnsmasq-discuss] Security - IMPORTANT