Bug 246569 - dns/unbound: Update to 1.10.1
Summary: dns/unbound: Update to 1.10.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Xin LI
URL:
Keywords: buildisok, needs-qa, security
Depends on:
Blocks:
 
Reported: 2020-05-19 10:16 UTC by Jaap Akkerhuis
Modified: 2020-05-22 22:20 UTC (History)
2 users (show)

See Also:
koobs: merge-quarterly+

Attachments
patch to upgrade (1.21 KB, patch)
2020-05-19 10:16 UTC, Jaap Akkerhuis 		jaap: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jaap Akkerhuis 2020-05-19 10:16:49 UTC 
Created attachment 214636 [details]
patch to upgrade

This release fixes CVE-2020-12662 and CVE-2020-12663.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
  query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
  used to make Unbound unresponsive.

More details at http://www.nxnsattack.com
Comment 1 Automation User 2020-05-19 10:39:22 UTC 
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/147487500
Comment 2 commit-hook freebsd_committer freebsd_triage 2020-05-19 19:03:15 UTC 
A commit references this bug:

Author: delphij
Date: Tue May 19 19:02:47 UTC 2020
New revision: 535884
URL: https://svnweb.freebsd.org/changeset/ports/535884

Log:
  dns/unbound: update to 1.10.1.

  PR:		246569
  Submitted by:	Jaap Akkerhuis (maintainer)
  MFH:		2020Q2
  Security:	CVE-2020-12662, CVE-2020-12663

Changes:
  head/dns/unbound/Makefile
  head/dns/unbound/distinfo
  head/dns/unbound/pkg-plist
Comment 3 commit-hook freebsd_committer freebsd_triage 2020-05-19 19:04:17 UTC 
A commit references this bug:

Author: delphij
Date: Tue May 19 19:03:45 UTC 2020
New revision: 535885
URL: https://svnweb.freebsd.org/changeset/ports/535885

Log:
  MFH: r535884

  dns/unbound: update to 1.10.1.

  PR:		246569
  Submitted by:	Jaap Akkerhuis (maintainer)
  Security:	CVE-2020-12662, CVE-2020-12663
  Approved by:	ports-secteam

Changes:
_U  branches/2020Q2/
  branches/2020Q2/dns/unbound/Makefile
  branches/2020Q2/dns/unbound/distinfo
  branches/2020Q2/dns/unbound/pkg-plist
Comment 4 Xin LI freebsd_committer freebsd_triage 2020-05-19 19:20:42 UTC 
Committed, thanks!
Comment 5 Kubilay Kocak freebsd_committer freebsd_triage 2020-05-21 02:23:22 UTC 
Re-open pending VuXML entry