From eca975a3707d00730ef706d009e4109500c89be2 Mon Sep 17 00:00:00 2001 From: bcambl Date: Mon, 17 Dec 2018 21:03:54 -0600 Subject: [PATCH 1/2] add sqlite3 dependency for fedora `sqlite3` is provided by the `sqlite` package on CentOS & Fedora Signed-off-by: bcambl (cherry picked from commit 724afc000f127dae77bfe3d02e2260123527857b) --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4cb2a467..b6bf7b6d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -249,7 +249,7 @@ elif is_command rpm ; then PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute newt procps-ng which) - PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc sqlite) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 04fd296ffe8ea2411dc158c3a6f12cd6f48cc1be Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 1 Jan 2019 17:13:43 +0100 Subject: [PATCH 2/2] Add wpad vulnerability fix as suggested by dnsmasq.conf.example Signed-off-by: DL6ER --- advanced/01-pihole.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf index 3f4e4bc5..af46e918 100644 --- a/advanced/01-pihole.conf +++ b/advanced/01-pihole.conf @@ -46,3 +46,8 @@ log-facility=/var/log/pihole.log local-ttl=2 log-async + +# If a DHCP client claims that its name is "wpad", ignore that. +# This fixes a security hole. see CERT Vulnerability VU#598349 +dhcp-name-match=set:wpad-ignore,wpad +dhcp-ignore-names=tag:wpad-ignore