"A DNSSEC validation vulnerability has been discovered in various DNSSEC validating software. The vulnerability has an assigned number of CVE-2023-50387 and is referred here as the KeyTrap vulnerability. The KeyTrap vulnerability works by using a combination of Keys (also colliding Keys), Signatures and number of RRSETs on a malicious zone. Answers from that zone can force a DNSSEC validator down a very CPU intensive and time costly validation path." Other DNS implementations are affected as well. I already added 1.19.1 to the tree: commit e327889602de87914ad5ed5a127eb70e57cb0c47 (HEAD -> master, origin/master, origin/HEAD) Author: Marc Schiffbauer <mschiff@gentoo.org> Date: Wed Feb 14 10:53:57 2024 +0100 net-dns/unbound: add 1.19.1 Signed-off-by: Marc Schiffbauer <mschiff@gentoo.org>
*** This bug has been marked as a duplicate of bug 924457 ***