Updated unbound packages fix security vulnerability
Publication date: 22 Jan 2018Modification date: 22 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-15105
Description
Updated unbound packages to fix security vulnerability (CVE-2017-15105) in the processing of wildcard synthesized NSEC records. While synthesis of NSEC records is allowed by RFC4592, these synthesized owner names should not be used in the NSEC processing. This was, however, happenning in Unbound 1.6.7 and earlier versions.
References
SRPMS
6/core
- unbound-1.6.8-1.mga6