unbound 1.9.4-2ubuntu1.2 source package in Ubuntu
Changelog
unbound (1.9.4-2ubuntu1.2) focal-security; urgency=medium
* SECURITY UPDATE: configuration injection via MITM
- debian/patches/CVE-2019-25031.patch: use https, remove special
characters in contrib/create_unbound_ad_servers.sh.
- CVE-2019-25031
* SECURITY UPDATE: integer overflows in the regional allocator
- debian/patches/CVE-2019-25032.patch: fix overflows in config.h.in,
configure, configure.ac, util/regional.c.
- CVE-2019-25032
- CVE-2019-25033
* SECURITY UPDATE: integer overflow in sldns_str2wire_dname_buf_origin
- debian/patches/CVE-2019-25034.patch: check lengths in
sldns/str2wire.c.
- CVE-2019-25034
* SECURITY UPDATE: out-of-bounds write in sldns_bget_token_par
- debian/patches/CVE-2019-25035.patch: check for space in
sldns/parse.c.
- CVE-2019-25035
* SECURITY UPDATE: assertion failure and denial of service
- debian/patches/CVE-2019-25036.patch: validate lengths in
iterator/iter_scrub.c.
- CVE-2019-25036
* SECURITY UPDATE: assertion failure and denial of service
- debian/patches/CVE-2019-25037.patch: validate length in
util/data/dname.c.
- CVE-2019-25037
* SECURITY UPDATE: integer overflow in a size calculation
- debian/patches/CVE-2019-25038.patch: check for overflows in
dnscrypt/dnscrypt.c, respip/respip.c.
- CVE-2019-25038
- CVE-2019-25039
* SECURITY UPDATE: infinite loop and assertion fail via compressed name
- debian/patches/CVE-2019-25040.patch: validate compression pointers in
util/data/dname.c.
- CVE-2019-25040
- CVE-2019-25041
* SECURITY UPDATE: out-of-bounds write via a compressed name
- debian/patches/CVE-2019-25042.patch: move assert in
util/data/msgreply.c.
- CVE-2019-25042
* SECURITY UPDATE: incorrect PID file handling
- debian/patches/CVE-2020-28935.patch: check for symlinks in
daemon/unbound.c.
- CVE-2020-28935
* debian/patches: rename debian-changes to fix-nettle-build.patch.
-- Marc Deslauriers <email address hidden> Wed, 05 May 2021 07:22:34 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| unbound_1.9.4.orig.tar.gz | 5.4 MiB | 3d3e25fb224025f0e732c7970e5676f53fd1764c16d6a01be073a13e42954bb0 |
| unbound_1.9.4-2ubuntu1.2.debian.tar.xz | 31.1 KiB | c35f170290bcaa27da202ed35e6d601cfa14eff9510fc96eaf039baa92bc7af9 |
| unbound_1.9.4-2ubuntu1.2.dsc | 3.0 KiB | 6723618f80a58acee6a94c96d6d2b15db3f24b20f590580309e4ed487571dcdc |
Available diffs
Binary packages built by this source
- libunbound-dev: static library, header files, and docs for libunbound
Static library, header files, and documentation for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- libunbound8: library implementing DNS resolution and validation
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- libunbound8-dbgsym: debug symbols for libunbound8
- python-unbound: library implementing DNS resolution and validation (Python bindings)
Python extension module for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- python-unbound-dbgsym: debug symbols for python-unbound
- python3-unbound: library implementing DNS resolution and validation (Python3 bindings)
Python3 extension module for libunbound.
.
libunbound performs and validates DNS lookups; it can be used to convert
hostnames to IP addresses and back and obtain other information from the
DNS. Cryptographic validation of results is performed with DNSSEC.
- python3-unbound-dbgsym: debug symbols for python3-unbound
- unbound: validating, recursive, caching DNS resolver
Unbound is a recursive-only caching DNS server which can perform DNSSEC
validation of results. It implements only a minimal amount of authoritative
service to prevent leakage to the root nameservers: forward lookups for
localhost, reverse for 127.0.0.1 and ::1, and NXDOMAIN for zones served by
AS112. Stub and forward zones are supported.
.
This package contains the unbound daemon.
- unbound-anchor: utility to securely fetch the root DNS trust anchor
unbound-anchor is a utility which securely fetches or updates the root DNS
zone trust anchor. A copy of the current root anchor and root update
certificate is embedded in unbound-anchor. RFC 5011 trust anchor tracking is
performed, with fallback to an SSL fetch if this fails.
- unbound-anchor-dbgsym: debug symbols for unbound-anchor
- unbound-dbgsym: debug symbols for unbound
- unbound-host: reimplementation of the 'host' command
This package provides the 'unbound-host' program that is bundled with the
Unbound domain name server. This version differs from the one provided in the
package called host, which is from NIKHEF, and bind9-host, which is from ISC,
and has a similar but different set of features and options.
- unbound-host-dbgsym: debug symbols for unbound-host
