Release Info

Advisory: CLSA-2024:1734532058

OS: AlmaLinux 9.2 ESU

Public date: 2024-12-18 09:27:41

Project: unbound

Version: 1.16.2-3.el9.tuxcare.els1

Errata link: https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2024-1734532058.html

Changelog

- CVE-2023-50387: Evaluate DNSSEC responses to prevent KeyTrap denial of service issue. - CVE-2023-50868: Fix Closest Encloser Proof aspect to prevent CPU consumption for SHA-1 computations in random subdomain attacks

Update

Update command: dnf update unbound*

Packages list

python3-unbound-1.16.2-3.el9.tuxcare.els1.x86_64.rpm unbound-1.16.2-3.el9.tuxcare.els1.x86_64.rpm unbound-devel-1.16.2-3.el9.tuxcare.els1.i686.rpm unbound-devel-1.16.2-3.el9.tuxcare.els1.x86_64.rpm unbound-libs-1.16.2-3.el9.tuxcare.els1.i686.rpm unbound-libs-1.16.2-3.el9.tuxcare.els1.x86_64.rpm

CVEs

CVE-2023-50868
CVE-2023-50387