Opened 2 months ago

Closed 2 months ago

#19303 closed enhancement (fixed)

unbound-1.19.1

Reported by: Douglas R. Reno Owned by: Rahul Chandra
Priority: elevated Milestone: 12.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version

This also has fixes for KeyTrap, the DNSSEC protocol-level vulnerability.

Change History (5)

comment:1 by Rahul Chandra, 2 months ago

Owner: changed from blfs-book to Rahul Chandra
Status: newassigned

comment:2 by Rahul Chandra, 2 months ago

13 February 2024: Wouter

  • Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers.
  • Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
  • These fixes are part of the 1.19.1 release, that is a security point release on 1.19.0, the code repository continues with these fixes, with version number 1.19.2.

comment:3 by Rahul Chandra, 2 months ago

SA 12.0-096 issued

comment:5 by Rahul Chandra, 2 months ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.