You may have heard about the DNS vulnerability -- ISPs, hardware and software companies are rushing to patch DNS servers (e.g. BIND) for a high risk exploit, that allows hackers to poison the DNS cache. I was wondering about the DNS cache in our routers. Is dnsmasq vulnerable? From what I can find, the answer is YES, even though dnsmasq doesn't accept requests from the WAN side. All the hacker has to do is create a web site with a lot of tag pointing to evil server names; when you browse the page, your browser will cause DNS lookups from inside the network. How do we get a patch? I'm on Thibor 15c.