The remote host is missing an update to dnsmasq announced via advisory FEDORA-2009-1069.

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update dnsmasq' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1069

Update Information: Update to newer upstream version - 2.45. Version of dnsmasq previously shipped in Fedora 9 did not properly drop privileges, causing it to run as root instead of intended user nobody. Issue was caused by a bug in kernel-headers used in build environment of the original packages. (#454415) New upstream version also adds DNS query source port randomization, mitigating DNS spoofing attacks. (CVE-2008-1447) ChangeLog: * Mon Jul 21 2008 Patrick Jima Laughton 2.45-1 - Upstream release (bugfixes) * Wed Jul 16 2008 Patrick Jima Laughton 2.43-2 - New upstream release, contains fixes for CVE-2008-1447/CERT VU#800113 - Dropped patch for newer glibc (merged upstream)

• https://bugzilla.redhat.com/show_bug.cgi?id=449345

---

Updated on 2015-03-25