[CLSA-2026:1768211704] unbound: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-01-12 09:55:08 UTC
Description:
- CVE-2023-50387: evaluate DNSSEC responses to prevent KeyTrap denial of service issue - CVE-2023-50868: fix Closest Encloser Proof aspect to prevent CPU consumption for SHA-1 computations in random subdomain attacks
Updated packages:
  • python3-unbound-1.16.2-5.el8.tuxcare.els1.x86_64.rpm
    sha:9773150e2b6d81be1264a485592f0cf978344c30ea427c14ee907ada4551da68
  • unbound-1.16.2-5.el8.tuxcare.els1.x86_64.rpm
    sha:2ba671e51a5123fcb1213c7f99b568b67b63342114bb72b1f95cf6b17c185adb
  • unbound-devel-1.16.2-5.el8.tuxcare.els1.i686.rpm
    sha:59116c1a1fe9af9b2455f3799b025cd2b2f7fb38d439dfd542be1df7b8b91ed0
  • unbound-devel-1.16.2-5.el8.tuxcare.els1.x86_64.rpm
    sha:a2899203878597b66f0794d86449887896c66d58d67b009caad5f3a8d44bdccc
  • unbound-libs-1.16.2-5.el8.tuxcare.els1.i686.rpm
    sha:42c767f1b23cf8653b91470ea263f5666ef7db2330c4fdb2bb3d61a2fadfa793
  • unbound-libs-1.16.2-5.el8.tuxcare.els1.x86_64.rpm
    sha:d70ed2649dde2186e3063c6e5019edbb08910ad846866c91f8fdde4ea5a1b4ab
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.