[CLSA-2024:1734532058] unbound: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2024-12-18 14:27:45 UTC
Description:
- CVE-2023-50387: Evaluate DNSSEC responses to prevent KeyTrap denial of service issue. - CVE-2023-50868: Fix Closest Encloser Proof aspect to prevent CPU consumption for SHA-1 computations in random subdomain attacks
Updated packages:
  • python3-unbound-1.16.2-3.el9.tuxcare.els1.x86_64.rpm
    sha:050e5c5e47de427ba78ca261e9ae95793e5a0a6b91ad76a11b2f4d91429815d0
  • unbound-1.16.2-3.el9.tuxcare.els1.x86_64.rpm
    sha:bcea832589862eed3cc9265f582b3bf1e26af6ec09b498aebbad09d643a9ae01
  • unbound-devel-1.16.2-3.el9.tuxcare.els1.i686.rpm
    sha:24ddb3f85950dda8202bbb5c0f1968372d76927aaa1afcc1ea902d557fcec876
  • unbound-devel-1.16.2-3.el9.tuxcare.els1.x86_64.rpm
    sha:f3bf995b4dcfbbc1d1dfd9f65597efbec4ee826c8ea2ae36f361815330eff454
  • unbound-libs-1.16.2-3.el9.tuxcare.els1.i686.rpm
    sha:2919d01cf683fc00a03e145703cf2b063d022717141df14c72db45433b1f4a54
  • unbound-libs-1.16.2-3.el9.tuxcare.els1.x86_64.rpm
    sha:de5ff3bc8fefce766a62d09a23804b961c040670e46a36e4c43e35fbad9092c8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.