On 2026/05/12 20:38, Klemens Nanni wrote:
> 12.05.2026 14:36, Stuart Henderson пишет:
> > https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
> > 
> >     Fix buffer overflow in struct bigname.  CVE-2026-2291
> >     Fix NSEC bitmap parsing infinite loop. CVE-2026-4890
> >     Verify rdlen field in RRSIG packets. CVE-2026-4891
> >     Fix buffer overflow in helper.c with large CLIDs. CVE-2026-4892
> >     Fix broken client subnet validation. CVE-2026-4893
> >     Fix buffer overflow vulnerability in extract_addresses() CVE-2026-5172
> > 
> > ok?
> 
> OK kn
> 
> > 
> > Index: Makefile
> > ===================================================================
> > RCS file: /cvs/ports/net/dnsmasq/Makefile,v
> > diff -u -p -r1.71 Makefile
> > --- Makefile	9 Feb 2026 18:10:36 -0000	1.71
> > +++ Makefile	12 May 2026 11:34:08 -0000
> > @@ -1,6 +1,7 @@
> >  COMMENT=	lightweight caching DNS forwarder, DHCP and TFTP server
> >  
> > -DISTNAME=	dnsmasq-2.92
> > +DISTNAME=	dnsmasq-2.92rel2
> > +PKGNAME=	${DISTNAME:S/rel/pl/}
> 
> Looks like even "rel" would work, but I do prefer "pl" as well:
> 
> 	$ pkg_check-version -v dnsmasq-2.92{,rel2}
> 	dnsmasq-2.92 has no issues
> 	dnsmasq-2.92rel2 has no issues
> 	dnsmasq-*- sorts as (older to newer): dnsmasq-2.92 dnsmasq-2.92rel2

It would up to rel9, but then fail to sort as expected. pl is handled
by packages-specs(7), I'd prefer to stick with that even if there's
unlikely to be a rel10 in this case to avoid giving a bad example.