From 1.4.3 Changelog:
Fix for memory alignment in struct sock_list allocation. This is a remote denial of service vulnerability, as it could make unbound crash on 64bit systems if triggered.
1.4.3 in cvs now.
Is this ok to go stable?
please mark stable =net-dns/unbound-1.4.3
wdiff is missing for tests.
(In reply to comment #4)
> wdiff is missing for tests.
I added it.
amd64 stable, all arches done.
Unbound before 1.4.3 does not properly align structures on 64-bit
platforms, which allows remote attackers to cause a denial of service
(daemon crash) via unspecified vectors.
YES too, request filed.
This issue was resolved and addressed in
GLSA 201110-12 at http://security.gentoo.org/glsa/glsa-201110-12.xml
by GLSA coordinator Tobias Heinlein (keytoaster).