libreCMC v1.5.4a images are now available. This "a" revision of v1.5.4 resolves the DNS cache poisoning issues with dnsmasq. Those who have already installed v1.5.4 can install the updated packages with opkg. More info can be found on the release page.
Security Advisory 2021.01.22 : Cache Poisoning and RCE in dnsmasq CVE 2020-2568{1-7}
https://librecmc.org/fossil/librecmc/wiki?name=sec_advisory_2021_01_22
https://www.jsof-tech.com/wp-content/uploads/2021/01/DNSpooq_Technical-Whitepaper.pdf