Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian: Unbound Critical Cache Poisoning Fix DSA-6071-1 CVE-2025-11411

It was discovered that incorrect handling of promiscuous NS RRSets in Unbound, a validating, recursive, caching DNS resolver, could result in cache poisoning. For the stable distribution (trixie), this problem has been fixed in version 1.22.0-2+deb13u1.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6071-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 04, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unbound CVE ID : CVE-2025-11411 It was discovered that incorrect handling of promiscuous NS RRSets in Unbound, a validating, recursive, caching DNS resolver, could result in cache poisoning. For the stable distribution (trixie), this problem has been fixed in version 1.22.0-2+deb13u1. We recommend that you upgrade your unbound packages. For the detailed security status of unbound please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/unbound Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Unbound's cache poisoning issue fixed in Debian 1.22.0-2+deb13u1 update to prevent potential security risks.. Unbound Security Patch, Debian Advisory, DNS Resolver Update, Cache Poisoning Fix, Unbound Upgrade. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 04, 2025 Critical Debian
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issuefedora

Critical Cache Poisoning Advisory for Unbound Update 1.23.1 in Fedora 41

Update to 1.23.1 (rhbz#2380450). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-e262093d58 2025-08-06 01:55:23.021300+00:00 -------------------------------------------------------------------------------- Name : unbound Product : Fedora 41 Version : 1.23.1 Release : 1.fc41 URL : https://nlnetlabs.nl/projects/unbound/about/ Summary : Validating, recursive, and caching DNS(SEC) resolver Description : Unbound is a validating, recursive, and caching DNS(SEC) resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible. -------------------------------------------------------------------------------- Update Information: Update to 1.23.1 (rhbz#2380450) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 21 2025 Tomas Korbar - 1.23.1-1 - Update to 1.23.1 (rhbz#2380450) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2381425 - CVE-2025-5994 unbound: Unbound Cache poisoning [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2381425 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e262093d58' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 41 introduces enhancements to the unbound DNS resolver, upgrading it to version 1.23.1, which mitigates the cache poisoning vulnerability.. Fedora 41, Unbound, DNS resolver, cache poisoning, security patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 06, 2025 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorybuffer overflowsoftware update

Debian: DSA-5438-1 High: Asterisk Buffer Overflow in PJSIP DNS Resolver

A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5438-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Markus Koschany June 22, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : asterisk CVE ID : CVE-2023-27585 Debian Bug : 1036697 A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. For the oldstable distribution (bullseye), this problem has been fixed in version 1:16.28.0~dfsg-0+deb11u3. We recommend that you upgrade your asterisk packages. For the detailed security status of asterisk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/asterisk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical asterisk patch for Debian rectifies stack overflow vulnerability in PJSIP domain name resolver. Suggested enhancements outlined.. Debian Security,Asterisk Update,DNS Resolver Security,BufferOverflow Risk,Open Source Protection. . LinuxSecurity.com Team

Calendar 2 Jun 22, 2023 Debian
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

RedHat: RHSA-2020-1716 Moderate: Unbound Command Injection Threat

An update for unbound is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: unbound security update Advisory ID: RHSA-2020:1716-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1716 Issue date: 2020-04-28 CVE Names: CVE-2019-18934 ==================================================================== 1. Summary: An update for unbound is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * unbound: command injection with data coming from a specially crafted IPSECKEY answer (CVE-2019-18934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 1775708 - High CPU consumption when log file I/O is slow 1776762 - CVE-2019-18934 unbound: command injection with data coming from a specially crafted IPSECKEY answer 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: unbound-1.7.3-10.el8.src.rpm aarch64: python3-unbound-1.7.3-10.el8.aarch64.rpm python3-unbound-debuginfo-1.7.3-10.el8.aarch64.rpm unbound-1.7.3-10.el8.aarch64.rpm unbound-debuginfo-1.7.3-10.el8.aarch64.rpm unbound-debugsource-1.7.3-10.el8.aarch64.rpm unbound-devel-1.7.3-10.el8.aarch64.rpm unbound-libs-1.7.3-10.el8.aarch64.rpm unbound-libs-debuginfo-1.7.3-10.el8.aarch64.rpm ppc64le: python3-unbound-1.7.3-10.el8.ppc64le.rpm python3-unbound-debuginfo-1.7.3-10.el8.ppc64le.rpm unbound-1.7.3-10.el8.ppc64le.rpm unbound-debuginfo-1.7.3-10.el8.ppc64le.rpm unbound-debugsource-1.7.3-10.el8.ppc64le.rpm unbound-devel-1.7.3-10.el8.ppc64le.rpm unbound-libs-1.7.3-10.el8.ppc64le.rpm unbound-libs-debuginfo-1.7.3-10.el8.ppc64le.rpm s390x: python3-unbound-1.7.3-10.el8.s390x.rpm python3-unbound-debuginfo-1.7.3-10.el8.s390x.rpm unbound-1.7.3-10.el8.s390x.rpm unbound-debuginfo-1.7.3-10.el8.s390x.rpm unbound-debugsource-1.7.3-10.el8.s390x.rpm unbound-devel-1.7.3-10.el8.s390x.rpm unbound-libs-1.7.3-10.el8.s390x.rpm unbound-libs-debuginfo-1.7.3-10.el8.s390x.rpm x86_64: python3-unbound-1.7.3-10.el8.x86_64.rpm python3-unbound-debuginfo-1.7.3-10.el8.i686.rpm python3-unbound-debuginfo-1.7.3-10.el8.x86_64.rpm unbound-1.7.3-10.el8.x86_64.rpm unbound-debuginfo-1.7.3-10.el8.i686.rpm unbound-debuginfo-1.7.3-10.el8.x86_64.rpm unbound-debugsource-1.7.3-10.el8.i686.rpm unbound-debugsource-1.7.3-10.el8.x86_64.rpm unbound-devel-1.7.3-10.el8.i686.rpm unbound-devel-1.7.3-10.el8.x86_64.rpm unbound-libs-1.7.3-10.el8.i686.rpm unbound-libs-1.7.3-10.el8.x86_64.rpm unbound-libs-debuginfo-1.7.3-10.el8.i686.rpm unbound-libs-debuginfo-1.7.3-10.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-18934 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXqhV8NzjgjWX9erEAQhrFA/8DDxdeDhHWqAu7tMEsghIOuMPtvCcmC/A 8UocEkGHjzUyGMuX7yqYU0pNWA6+UV1y2YxsXQQknCu+HK3E/UxHfDTHLVIzD7IR Jsumjv2bLDE3wEiYTKL48L1NNNhtTcgKwKRZfpLyp6kfWEtop42Je3lWrXIcQJph vbTEm1wytDHQskSGA4VIR0W12LK/xqVL/82eGaZcApHCdgInUO7RKxwvBmDB1/Fm 3yYr1Blm2q/muwSYGe0TXG4eCtZW7luyVGsEXqYWc4Yhs9zZAEviDZkq47rNKf/2 S9WLol0i/nErl4O0yX2J8QzKqVMqsoejJf2gnEyGpbOb0fsDmHJMOM7Oi7orH5LW N5is5qs6BgSpn3pkWMZgEpzAJkQgeUuVxTIWmAr1nC+Jogg/fUWVcsi468BR9ywR EVYP85S4rbqQubRhvCBPqduB0Ns5AcY9jgG7smweW9pa5MKulPiA71YXmBJ657Sx YXaWe2DcDjyNxEZeFFlnMLmYCSMGUBN9R/YIUbMh0mYChSECUgv6QxL9xOARSLPP Zj5fJxnwMT5XojZzrwthRXkY7aLQM6d/pNB7lTaT0ZqmNdg5/GZLMofccw8RpI20 fvHzlw0eAD380xJqXM+ruBVJj8DiybeaGWty9n+yYrOKy0V0fkK3HUi4ADlX6Zwv xpVq84MxO+o=7ZXC -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical software patch released for Red Hat Enterprise Linux 8, assessed as moderate level due to vulnerability associated with command execution.. unbound security update, Red Hat Enterprise Linux, command injection, update advisory. . LinuxSecurity.com Team

Calendar 2 Apr 28, 2020 Red Hat
Banner 1 1028x280 1708121660 1771599717
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentooprivilege escalation

Gentoo: 201904-03 Normal: Unbound Privilege Escalation Issues

Multiple vulnerabilities have been found in Unbound, the worst of which could lead to privilege escalation.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201904-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Unbound: Multiple vulnerabilities Date: April 02, 2019 Bugs: #641042, #677054 ID: 201904-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in Unbound, the worst of which could lead to privilege escalation. Background ========= Unbound is a validating, recursive, and caching DNS resolver. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/unbound < 1.8.3 > = 1.8.3 Description ========== Multiple vulnerabilities have been discovered in Unbound. Please review the referenced bugs for details. Impact ===== Please review the referenced bugs for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Unbound users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-dns/unbound-1.8.3" References ========= Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201904-03 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. oralternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A series of security flaws in Unbound may result in elevated privileges. Please update to the most recent release immediately.. Gentoo Security Advisory, Unbound Linux, Privilege Escalation, DNS Resolver Vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Apr 02, 2019 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuedebian

Debian: DSA-3097-1 Moderate: Unbound Denial Of Service Risk

Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit (or make emit) queries to the server can trick the resolver into . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3097-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Yves-Alexis Perez December 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unbound CVE ID : CVE-2014-8602 Debian Bug : 772622 Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit (or make emit) queries to the server can trick the resolver into following an endless series of delegations, leading to ressource exhaustion and huge network usage. For the stable distribution (wheezy), this problem has been fixed in version 1.4.17-3+deb7u2. For the upcoming stable distribution (jessie), this problem has been fixed in version 1.4.22-3. For the unstable distribution (sid), this problem has been fixed in version 1.4.22-3. We recommend that you upgrade your unbound packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance unbound to mitigate DoS threats in Debian; advisory DSA-3128-2 outlines corrective measures.. Unbound Update, Denial Of Service, DNS Resolver, Debian Advisory, Security Issue. . LinuxSecurity.com Team

Calendar 2 Dec 10, 2014 Debian
Banner 1 1028x280 1708121660 1771599717
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicedns resolver

Gentoo: GLSA-201311-19 Important: Bind Authorization Flaw

Multiple Denial of Service vulnerabilities have been found in Unbound.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201311-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Unbound: Denial of Service Date: November 28, 2013 Bugs: #395287 ID: 201311-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple Denial of Service vulnerabilities have been found in Unbound. Background ========= Unbound is a validating, recursive, and caching DNS resolver. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/unbound < 1.4.13_p2 > = 1.4.13_p2 Description ========== Multiple vulnerabilities have been discovered in Unbound. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker could possibly cause a Denial of Service condition via a specially crafted response. Workaround ========= There is no known workaround at this time. Resolution ========= All Unbound users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-dns/unbound-1.4.13_p2" References ========= [ 1 ] CVE-2011-4528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4528 [ 2 ] CVE-2011-4869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4869 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201311-18 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuringthe confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Unbound is susceptible to multiple Denial of Service vulnerabilities, and users are advised to apply the necessary updates as outlined in the provided guidance.. Gentoo Security Advisory, Unbound DNS, Service Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 28, 2013 Important Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian DSA-2243-1 Critical: Unbound Design Flaw Affects DNS Response

It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query. (CVE-2009-4008) . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2243-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Florian Weimer May 27, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unbound Vulnerability : design flaw Problem type : remote Debian-specific: no CVE ID : CVE-2009-4008 It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query. (CVE-2009-4008) In addition, this update improves the level of DNSSEC support in the lenny version of Unbound so that it is possible for system administrators to configure the trust anchor for the root zone. For the oldstable distribution (lenny), this problem has been fixed in version 1.4.6-1~lenny1. For the other distributions (squeeze, wheezy, sid), this problem has been fixed in version 1.4.4-1. We recommend that you upgrade your unbound packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The recent modification in Debian for Unbound addresses a critical vulnerability that impacts DNSSEC capabilities and the overall performance of the resolver.. Unbound DNS resolver, Debian security update, remote access flaw, DNSSEC issues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 27, 2011 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here