Lucene search
OracleLinuxELSA-2021-1853HistoryMay 25, 2021 - 12:00 a.m.
unbound security, bug fix, and enhancement update
2021-05-2500:00:00
linux.oracle.com
20
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
[1.7.3-15]
- Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key
- Resolves: rhbz#1714175
- Use system-wide crypto policy setting (PROFILE=SYSTEM) instead of custom setting
- Resolves: rhbz#1842837
- Enable additional logging in unbound
- Resolves: rhbz#1850460
- security hardening from x41 report
- Resolves: rhbz#1859933
- symbolic link traversal when writing PID file
- Resolves: rhbz#1899058
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | unbound | < 1.7.3-15.el8 | unbound-1.7.3-15.el8.src.rpm |
| oracle linux | 8 | aarch64 | python3-unbound | < 1.7.3-15.el8 | python3-unbound-1.7.3-15.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | unbound | < 1.7.3-15.el8 | unbound-1.7.3-15.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | unbound-devel | < 1.7.3-15.el8 | unbound-devel-1.7.3-15.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | unbound-libs | < 1.7.3-15.el8 | unbound-libs-1.7.3-15.el8.aarch64.rpm |
| oracle linux | 8 | src | unbound | < 1.7.3-15.el8 | unbound-1.7.3-15.el8.src.rpm |
| oracle linux | 8 | x86_64 | python3-unbound | < 1.7.3-15.el8 | python3-unbound-1.7.3-15.el8.x86_64.rpm |
| oracle linux | 8 | x86_64 | unbound | < 1.7.3-15.el8 | unbound-1.7.3-15.el8.x86_64.rpm |
| oracle linux | 8 | i686 | unbound-devel | < 1.7.3-15.el8 | unbound-devel-1.7.3-15.el8.i686.rpm |
| oracle linux | 8 | x86_64 | unbound-devel | < 1.7.3-15.el8 | unbound-devel-1.7.3-15.el8.x86_64.rpm |
Related
nessus
nessus
CentOS 8 : unbound (CESA-2021:1853)
2021-05-19 00:00:00
NewStart CGSL MAIN 6.02 : unbound Multiple Vulnerabilities (NS-SA-2022-0064)
2022-05-09 00:00:00
Oracle Linux 8 : unbound (ELSA-2021-1853)
2021-05-26 00:00:00
redhat
redhat
(RHSA-2021:1853) Moderate: unbound security, bug fix, and enhancement update
2021-05-18 06:15:09
(RHSA-2022:0632) Moderate: unbound security update
2022-02-22 14:34:04
osv
osv
Moderate: unbound security, bug fix, and enhancement update
2021-05-18 06:15:09
unbound vulnerabilities
2021-05-06 12:58:29
unbound1.9 - security update
2021-05-06 00:00:00
almalinux
almalinux
Moderate: unbound security, bug fix, and enhancement update
2021-05-18 06:15:09
amazon
amazon
Medium: unbound
2021-07-01 01:09:00
Medium: unbound
2021-07-01 01:09:00
rocky
rocky
unbound security, bug fix, and enhancement update
2021-05-18 06:15:09
openvas
openvas
Ubuntu: Security Advisory (USN-4938-1)
2021-05-07 00:00:00
openSUSE: Security Advisory for unbound (openSUSE-SU-2022:0176-1)
2022-02-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0176-1)
2022-01-26 00:00:00
suse
suse
Security update for unbound (important)
2022-01-25 00:00:00
Security update for nsd (moderate)
2020-12-10 00:00:00
cloudfoundry
cloudfoundry
USN-4938-1: Unbound vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
debian
debian
[SECURITY] [DLA 2652-1] unbound1.9 security update
2021-05-06 21:58:25
[SECURITY] [DLA 2556-1] unbound1.9 security update
2021-02-12 16:37:36
[SECURITY] [DLA 3371-1] unbound security update
2023-03-29 12:52:49
ubuntu
ubuntu
Unbound vulnerabilities
2021-05-06 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0236
2021-05-13 00:00:00
Critical Photon OS Security Update - PHSA-2021-3.0-0236
2021-05-13 00:00:00
Critical Photon OS Security Update - PHSA-2021-0342
2021-05-05 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2164
2023-05-15 07:50:35
Advisory ROSA-SA-2023-2163
2023-05-15 07:47:58
Advisory ROSA-SA-2021-1990
2021-07-02 18:18:13
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2021-05-20 15:28:01
Denial Of Service (DoS)
2021-05-20 15:27:53
Denial Of Service (DoS)
2021-05-20 15:27:59
prion
prion
Integer overflow
2021-04-27 06:15:00
Design/Logic Flaw
2021-04-27 06:15:00
Integer overflow
2021-04-27 06:15:00
redhatcve
redhatcve
debiancve
debiancve
archlinux
archlinux
[ASA-202012-18] nsd: denial of service
2020-12-09 00:00:00
[ASA-202012-17] unbound: denial of service
2020-12-09 00:00:00
mageia
mageia
Updated unbound packages fix a security vulnerability
2021-03-27 17:27:02
freebsd
freebsd
Unbound/NSD -- Denial of service vulnerability
2020-12-01 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-28935 affecting package unbound 1.10.0-5
2021-01-11 21:49:36
CVE-2020-28935 affecting package unbound 1.10.0-5
2022-04-09 06:51:51
gentoo
gentoo
NSD: Symbolic link traversal
2021-01-29 00:00:00
alpinelinux
alpinelinux
CVE-2020-28935
2020-12-07 22:15:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for ELSA-2021-1853