unbound-1.7.3-11.el8

エラータID: AXSA:2020-594:06

Release date: 
Tuesday, October 6, 2020 - 10:25
Subject: 
unbound-1.7.3-11.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

Security Fix(es):

* unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662)

* unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-12662
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
CVE-2020-12663
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

Solution: 

Update packages.

CVEs: 
CVE-2020-12662
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
CVE-2020-12663
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Additional Info: 

N/A

Download: 

SRPMS
  1. unbound-1.7.3-11.el8.src.rpm
    MD5: 768e87a24003d48238ae6e0491bb258a
    SHA-256: 0462812e4bd5834d15390c407617b7705d451818357b4462f1d6cbb56100c4e7
    Size: 5.39 MB

Asianux Server 8 for x86_64
  1. python3-unbound-1.7.3-11.el8.x86_64.rpm
    MD5: b91270dd9c2fc8f86add7ca998177117
    SHA-256: c83cb26e41c684c067a834eb62e5c0c98656b45292d43d9955c3122a45328d90
    Size: 116.63 kB
  2. unbound-1.7.3-11.el8.x86_64.rpm
    MD5: 8d428b79ad7f80d1386349746a0446e9
    SHA-256: 4b22b4ae0e3a87c47b8b1e30f724b5d748e81127c6e157044bd2e56d3245b03c
    Size: 887.22 kB
  3. unbound-devel-1.7.3-11.el8.x86_64.rpm
    MD5: fecd91fae36a5b0d337746d25caf6d9c
    SHA-256: 4f66bd86abcfffbd1e6b3a01bbb8b3f6b23c3917eefa54efc7c3532df080678a
    Size: 57.01 kB
  4. unbound-libs-1.7.3-11.el8.x86_64.rpm
    MD5: afbb69416f811c51152cdc9c478917e5
    SHA-256: f92c59a59d7d72cc75abd255097b049bb7625e366aa45cf5a9491b234fb2280a
    Size: 498.41 kB
  5. unbound-devel-1.7.3-11.el8.i686.rpm
    MD5: b28f70ff751ffcde39e4a79e588dc101
    SHA-256: c7844ca615202e5f8df0f64ef0aa3316175e77c6cae2a90ca2ac1199616e65ed
    Size: 57.03 kB
  6. unbound-libs-1.7.3-11.el8.i686.rpm
    MD5: 7719dc6d5c76b373ef291e5f14623c23
    SHA-256: c443d1e8372039c327aa3d36d8bf83bdd0d3ebb8e235269f0450aa71f9086f24
    Size: 535.12 kB