3 files changed, 8 insertions, 4 deletions

diff --git a/.SRCINFO b/.SRCINFO
index 385f2f2e462f..8833b596b18e 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = pi-hole-standalone
 	pkgdesc = The Pi-hole is an advertising-aware DNS/Web server. Arch alteration for standalone PC.
 	pkgver = 4.2.1
-	pkgrel = 1
+	pkgrel = 2
 	url = https://github.com/pi-hole/pi-hole
 	install = pi-hole-standalone.install
 	arch = any
@@ -24,7 +24,7 @@ pkgbase = pi-hole-standalone
 	md5sums = 6f4255a3471a4d2aad1ef22d5eba55aa
 	md5sums = e8fa746189015060327b26e68825a3e6
 	md5sums = b955136ef15be29a468e8d9f85f24b8c
-	md5sums = 0bab89977a2d4357ec8befb4ff85ee3d
+	md5sums = 50d29442a7b185f0d05bc2ed72f875be
 	md5sums = 047f13d4ac97877f724f87b002aaee63
 	md5sums = d42a864f88299998f8233c0bc0dd093d
 	md5sums = 7821b6dfe380955073701e5acd1587a2
diff --git a/PKGBUILD b/PKGBUILD
index 589f5869e3ad..e5a8133b3b79 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -3,7 +3,7 @@
 pkgname=pi-hole-standalone
 _pkgname=pi-hole
 pkgver=4.2.1
-pkgrel=1
+pkgrel=2
 pkgdesc='The Pi-hole is an advertising-aware DNS/Web server. Arch alteration for standalone PC.'
 arch=('any')
 license=('EUPL-1.1')
@@ -26,7 +26,7 @@ source=(https://github.com/$_pkgname/$_pkgname/archive/v$pkgver.tar.gz
 md5sums=('6f4255a3471a4d2aad1ef22d5eba55aa'
          'e8fa746189015060327b26e68825a3e6'
          'b955136ef15be29a468e8d9f85f24b8c'
-         '0bab89977a2d4357ec8befb4ff85ee3d'
+         '50d29442a7b185f0d05bc2ed72f875be'
          '047f13d4ac97877f724f87b002aaee63'
          'd42a864f88299998f8233c0bc0dd093d'
          '7821b6dfe380955073701e5acd1587a2'
diff --git a/dnsmasq.include b/dnsmasq.include
index 60672ad5377f..afcd93da2898 100644
--- a/dnsmasq.include
+++ b/dnsmasq.include
@@ -28,3 +28,7 @@ localise-queries
 bogus-priv
 no-resolv
 cache-size=10000
+# If a DHCP client claims that its name is "wpad", ignore that.
+# This fixes a security hole. see CERT Vulnerability VU#598349
+dhcp-name-match=set:wpad-ignore,wpad
+dhcp-ignore-names=tag:wpad-ignore