Details
Details
Google Project Zero just unveiled a bunch of critical-severity issues in dnsmasq that are already being exploited publicly; if ever there were a worthy time to backport the patched version from Debian and push it through apt, this is it. Pretty much everybody with DNS enabled on 1.1.7 is vulnerable to RCE.
I know the big push is on 1.2.x, but please don't forget about all of us with existing 1.1.x installations...