Reviewed-by: Peter Müller peter.mueller@ipfire.org
For details see: https://lists.nlnetlabs.nl/pipermail/unbound-users/2022-September/007885.htm...
"This release fixes CVE-2022-3204 Non-Responsive Delegation Attack. It was reported by Yehuda Afek from Tel-Aviv University and Anat Bremler-Barr and Shani Stajnrod from Reichman University.
This fixes for better performance when under load, by cutting promiscuous queries for nameserver discovery and limiting the number of times a delegation point can look in the cache for missing records.
Bug Fixes
- Patch for CVE-2022-3204 Non-Responsive Delegation Attack."
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org
config/rootfiles/common/unbound | 2 +- lfs/unbound | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 7fc4f191a..7af787f29 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.8 -usr/lib/libunbound.so.8.1.18 +usr/lib/libunbound.so.8.1.19 #usr/lib/pkgconfig/libunbound.pc usr/sbin/unbound usr/sbin/unbound-anchor diff --git a/lfs/unbound b/lfs/unbound index 5a3c70caf..636fe8bf9 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -24,7 +24,7 @@
include Config
-VER = 1.16.2 +VER = 1.16.3
THISAPP = unbound-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 2f7f119d12807ff5c000fd500be72a0825614da3e1f079f9b8d15a651bda2fa0b41599a55c6f76b17ff56120aa61e48042469063f08dd199333520172ca16750 +$(DL_FILE)_BLAKE2 = b97deade78ab903363e06ff9d71b9895c754378ec276bb17556de62c48a88af5fbabd26f97fb47313d1e631fe75dee245aa38fbf42a865ac3e764882a1124a51
install : $(TARGET)