A few minutes ago, there was a published security advisory for dnsmasq by OpenWrt developers. The full announcement can be found here: https://openwrt.org/advisory/2021-01-19-1
There are vulnerabilities in dnsmasq and it’s known as DNSpooq. There are two types of vulnerabilities - DNS cache poisoning attacks and buffer overflow vulnerabilities.
OpenWrt decided to do a new release - OpenWrt 19.07.6, which fixes or mitigates this vulnerability. We will shortly announce a new version of Turris OS in the Testing branch, which will be based on this version to make your routers safe.