[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1264-1] unbound security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : unbound
Version        : 1.4.17-3+deb7u3
CVE ID         : CVE-2017-15105
Debian Bug     : 887733

Ralph Dolmans and Karst Koymans found a flaw in the way unbound
validated wildcard-synthesized NSEC records. An improperly validated
wildcard NSEC record could be used to prove the non-existence
(NXDOMAIN answer) of an existing wildcard record, or trick unbound
into accepting a NODATA proof.

For more information please refer to the upstream advisory at
https://unbound.net/downloads/CVE-2017-15105.txt.

For Debian 7 "Wheezy", these problems have been fixed in version
1.4.17-3+deb7u3.

We recommend that you upgrade your unbound packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpwoF9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSEUg//Sk8o+S3Zb58UxdQpMVdyxDjlFY+zbLSwGf/8OBU4eN8zVWix/zu/Wd5r
2uQ+KFRY/2e3ORTdzBas9Rgf5lB5fzQ8215kzadjY7zXVUHX/C9kI1Eu5EH1xFZQ
AIBwSh/AVG/Pn6YqTQUR8hq0lvBo16Y7Xd44qcGAjISKORjZyWq7ucPyQFGz7aTi
/AMGauGgC99PG2xe4P08XkFeG4VOAkA3rEisA0qjrkgfb63pkfpVwLMVCCGsK7sZ
daJ/WRWrKohC+HJiAzRWGkP3FwhoYMvPQVcYyqW5KfZzaHQANQWvvIRr9NB/VZgp
R8WspOXK+zXW85E1+WUPm3BEJlm0fN29rDeWluPwlt/20wSLGPvI+v+qsxjrF8w/
bxnybnRFjDg6WQn2hj4aYhT+Ao9j6mmcrxYrF1fSjdWX3+/G774s7yugdKdJu3ug
tbH73b9EuGgXGZQB5cgdMYF6bQIqeK+WSsnwNoFaopZkybhnmhcUK4hlnDFaDDGP
/YelkElcw4Q8PHnWn2J1KespPeGaBX5k2watA1d0dBrgy5kl2Y6VeIlj52oTGsyS
9cFLz9dLzKwHTU9ZahSkNfraLiXyZMWZE+lIUhrqzb+4kRs6hYGd6ASAJQKI3Pi5
PzeNPoXhRobjrznPwoSigIgP8ke75Tx8bL47dTfPSRjaTV4Htqg=
=3RVZ
-----END PGP SIGNATURE-----


Reply to: