upvote
neat, i'm a big fan of trail of bits but apparently missed this announcement. here's their post: https://blog.trailofbits.com/2026/06/22/introducing-patch-th... and a summary of week 1: https://gist.github.com/patch-the-planet/69fd1aa925c8e73edea...
reply
Sidenote but... I read this on that link:

dnsmasq: Codex Security independently identified vulnerable patterns corresponding to four of the six dnsmasq CVEs later fixed in 2.92rel2: CVE-2026-4890 (opens in a new window), CVE-2026-4891 (opens in a new window), CVE-2026-4892 (opens in a new window), and CVE-2026-517

dnsmasq has had so many freaking security holes in 2025 and 2026 that atm I decided to just remove that thing from all my machines.

reply
"dnsmasq has had so many freaking security holes in 2025 and 2026 that atm I decided to just remove that thing from all my machines."

Would be nice if OpenWRT would stop including it by default

reply
What else is out there that fits openWRT's use case? BIND seems like it would be a bit "heavy"
reply