unbound 1.6.7-1ubuntu2.4 source package in Ubuntu
Changelog
unbound (1.6.7-1ubuntu2.4) bionic-security; urgency=medium
* SECURITY UPDATE: configuration injection via MITM
- debian/patches/CVE-2019-25031.patch: use https, remove special
characters in contrib/create_unbound_ad_servers.sh.
- CVE-2019-25031
* SECURITY UPDATE: integer overflows in the regional allocator
- debian/patches/CVE-2019-25032.patch: fix overflows in config.h.in,
configure, configure.ac, util/regional.c.
- CVE-2019-25032
- CVE-2019-25033
* SECURITY UPDATE: integer overflow in sldns_str2wire_dname_buf_origin
- debian/patches/CVE-2019-25034.patch: check lengths in
sldns/str2wire.c.
- CVE-2019-25034
* SECURITY UPDATE: out-of-bounds write in sldns_bget_token_par
- debian/patches/CVE-2019-25035.patch: check for space in
sldns/parse.c.
- CVE-2019-25035
* SECURITY UPDATE: assertion failure and denial of service
- debian/patches/CVE-2019-25036.patch: validate lengths in
iterator/iter_scrub.c.
- CVE-2019-25036
* SECURITY UPDATE: assertion failure and denial of service
- debian/patches/CVE-2019-25037.patch: validate length in
util/data/dname.c.
- CVE-2019-25037
* SECURITY UPDATE: integer overflow in a size calculation
- debian/patches/CVE-2019-25038.patch: check for overflows in
dnscrypt/dnscrypt.c, respip/respip.c.
- CVE-2019-25038
- CVE-2019-25039
* SECURITY UPDATE: infinite loop and assertion fail via compressed name
- debian/patches/CVE-2019-25040.patch: validate compression pointers in
util/data/dname.c.
- CVE-2019-25040
- CVE-2019-25041
* SECURITY UPDATE: out-of-bounds write via a compressed name
- debian/patches/CVE-2019-25042.patch: move assert in
util/data/msgreply.c.
- CVE-2019-25042
* SECURITY UPDATE: incorrect PID file handling
- debian/patches/CVE-2020-28935.patch: check for symlinks in
daemon/unbound.c.
- CVE-2020-28935
* debian/patches: rename debian-changes to misc-changes.patch.
-- Marc Deslauriers <email address hidden> Wed, 05 May 2021 07:38:50 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| unbound_1.6.7.orig.tar.gz | 5.2 MiB | 4e7bd43d827004c6d51bef73adf941798e4588bdb40de5e79d89034d69751c9f |
| unbound_1.6.7-1ubuntu2.4.debian.tar.xz | 36.2 KiB | 5dd46ef27718170120b60a972ae70e48dfe1023493e49dd528579cb7bbf0078e |
| unbound_1.6.7-1ubuntu2.4.dsc | 3.1 KiB | b08e95674133a36c0d78a7e91c73f926b14e63e991275626d8cd408a5d261487 |
Available diffs
Binary packages built by this source
- libunbound-dev: static library, header files, and docs for libunbound
Static library, header files, and documentation for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- libunbound2: library implementing DNS resolution and validation
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- libunbound2-dbgsym: debug symbols for libunbound2
- python-unbound: library implementing DNS resolution and validation (Python bindings)
Python extension module for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- python-unbound-dbgsym: debug symbols for python-unbound
- python3-unbound: library implementing DNS resolution and validation (Python3 bindings)
Python3 extension module for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- python3-unbound-dbgsym: debug symbols for python3-unbound
- unbound: validating, recursive, caching DNS resolver
Unbound is a recursive-only caching DNS server which can perform DNSSEC
validation of results. It implements only a minimal amount of authoritative
service to prevent leakage to the root nameservers: forward lookups for
localhost, reverse for 127.0.0.1 and ::1, and NXDOMAIN for zones served by
AS112. Stub and forward zones are supported.
.
This package contains the unbound daemon.
- unbound-anchor: utility to securely fetch the root DNS trust anchor
unbound-anchor is a utility which securely fetches or updates the root DNS
zone trust anchor. A copy of the current root anchor and root update
certificate is embedded in unbound-anchor. RFC 5011 trust anchor tracking is
performed, with fallback to an SSL fetch if this fails.
- unbound-anchor-dbgsym: debug symbols for unbound-anchor
- unbound-dbgsym: debug symbols for unbound
- unbound-host: reimplementation of the 'host' command
This package provides the 'unbound-host' program that is bundled with the
Unbound domain name server. This version differs from the one provided in the
package called host, which is from NIKHEF, and bind9-host, which is from ISC,
and has a similar but different set of features and options.
- unbound-host-dbgsym: debug symbols for unbound-host
