CVE-2020-12663 (https://nvd.nist.gov/vuln/detail/CVE-2020-12663): Unbound can be tricked into amplifying an incoming query into a large number of queries directed to a target. CVE-2020-12662 (https://nvd.nist.gov/vuln/detail/CVE-2020-12662): Malformed answers from upstream name servers can be used to make Unbound unresponsive. CVE texts are mixed.
amd64 stable
arm stable
ppc stable
ppc64 stable
x86 stable
@maintainer(s), please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc9d625b6931b268fb3d5cbaa259856fceecb582 commit cc9d625b6931b268fb3d5cbaa259856fceecb582 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-05-21 23:08:50 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-05-21 23:08:50 +0000 net-dns/unbound: security cleanup Bug: https://bugs.gentoo.org/723984 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-dns/unbound/Manifest | 1 - net-dns/unbound/unbound-1.10.0.ebuild | 183 ---------------------------------- 2 files changed, 184 deletions(-)