Just first month into new year 2021 here comes the DNS vulnerabilities poo-poo, again yell


I've been using OpenWRT with DoH (dns-over-https) for a long time already, currently OpenWRT seems already fixed these dnsmasq vulnerabilities at master-snapshot branch.  Since I'm still using the stable 19.07.x branch, I'm pulling out my dusty RB750Gr3 (MikroTik ROS not using dnsmasq) to use as main RG until these poo-poo settle down ...

It's been a loooong time since I last played the ROS toys, took me a while to setup my UniFi-home with DoH on AdGuard :

 


ASUSWrt annoucement at SNB will fix it soon :

Update 29Jan'21 :  ASUSWrt beta fw released fix dnspooq :

RT-AX55 running ASUSWrt beta fw confirmed using dnsmasq 2.84 :

 

ASUSWrt-Merlin's current latest 386.x-beta5 already patched :