projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f09eaa4) | patch
unbound: update to 1.6.8 for CVE-2017-15105 5479/head
authorEric Luehrsen <ericluehrsen@hotmail.com>
Sat, 20 Jan 2018 02:24:54 +0000 (21:24 -0500)
committerEric Luehrsen <ericluehrsen@hotmail.com>
Sat, 20 Jan 2018 02:25:14 +0000 (21:25 -0500)
commitb6cf69bca6d3f080ad748d1df848f93aa4e5dad1
treef62d87139378fccd9faa28384e6e1d9d93d94402tree | snapshot
parentf09eaa4f39dc695c47a6ecb0937ac937a73ccb9ccommit | diff
unbound: update to 1.6.8 for CVE-2017-15105

A vulnerability was discovered in the processing of wildcard synthesized
NSEC records. While synthesis of NSEC records is allowed by RFC4592,
these synthesized owner names should not be used in the NSEC processing.
This does, however, happen in Unbound 1.6.7 and earlier versions.
(see https://unbound.net/downloads/CVE-2017-15105.txt)

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
net/unbound/Makefile diff | blob | history
net/unbound/patches/001-conf.patch diff | blob | history
Mirror of packages feed