Information on source package unbound

Available versions

ReleaseVersion
buster1.9.0-2+deb10u2
buster (security)1.9.0-2+deb10u4
bullseye1.13.1-1+deb11u1
bullseye (security)1.13.1-1+deb11u2
bookworm1.17.1-2+deb12u1
bookworm (security)1.17.1-2+deb12u2
trixie1.19.1-1
sid1.19.1-1

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2019-25042vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an out-of-bounds write via a compressed na ...
CVE-2019-25041vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an assertion failure via a compressed name ...
CVE-2019-25040vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an infinite loop via a compressed name in ...
CVE-2019-25039vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an integer overflow in a size calculation ...
CVE-2019-25038vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an integer overflow in a size calculation ...
CVE-2019-25037vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an assertion failure and denial of service ...
CVE-2019-25036vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an assertion failure and denial of service ...
CVE-2019-25035vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token ...
CVE-2019-25034vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an integer overflow in sldns_str2wire_dnam ...
CVE-2019-25033vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an integer overflow in the regional alloca ...
CVE-2019-25032vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows an integer overflow in the regional alloca ...
CVE-2019-25031vulnerablefixedfixedfixedfixedUnbound before 1.9.5 allows configuration injection in create_unbound_ ...
CVE-2019-18934vulnerablefixedfixedfixedfixedUnbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec modul ...

Resolved issues

BugDescription
CVE-2024-1488A vulnerability was found in Unbound due to incorrect default permissi ...
CVE-2023-50868The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...
CVE-2023-50387Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...
CVE-2022-30699NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable ...
CVE-2022-30698NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable t ...
CVE-2022-3204A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation ...
CVE-2020-28935NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs ...
CVE-2020-12663Unbound before 1.10.1 has an infinite loop via malformed DNS answers r ...
CVE-2020-12662Unbound before 1.10.1 has Insufficient Control of Network Message Volu ...
CVE-2020-10772An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Ha ...
CVE-2019-16866Unbound before 1.9.4 accesses uninitialized memory, which allows remot ...
CVE-2017-15105A flaw was found in the way unbound before 1.6.8 validated wildcard-sy ...
CVE-2014-8602iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegatio ...
CVE-2011-4869validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly per ...
CVE-2011-4528Unbound before 1.4.13p2 attempts to free unallocated memory during pro ...
CVE-2011-1922daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functiona ...
CVE-2010-0969Unbound before 1.4.3 does not properly align structures on 64-bit plat ...
CVE-2009-4008Unbound before 1.4.4 does not send responses for signed zones after mi ...
CVE-2009-3602Unbound before 1.3.4 does not properly verify signatures for NSEC3 rec ...

Security announcements

DSA / DLADescription
DLA-3736-1unbound - security update
DSA-5620-1unbound - security update
DLA-3371-1unbound - security update
DSA-4694-1unbound - security update
DSA-4544-1unbound - security update
DLA-1676-1unbound - security update
DLA-1264-1unbound - security update
DLA-107-1unbound - security update
DSA-3097-1unbound - security update
DSA-2370-1unbound - several
DSA-2243-1unbound - design flaw
DSA-1963-1unbound - DNSSEC validation

Search for package or bug name: Reporting problems