2340 matches found
[SECURITY] [DSA 6304-1] unbound security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6304-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2026 https://www.debian.org/security/faq -...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2026-1756)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1756 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep...
Fedora 44 : unbound (2026-49f37e16aa)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-49f37e16aa advisory. Update to 1.25.1 rhbz2480119 - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Network...
CVE-2026-42960
A flaw was found in Unbound's handling of DNS reply messages, complementing the earlier CVE-2025-11411 fix. Unbound accepts and caches address records from the additional section of DNS replies when they accompany authority section RRSets other than NS such as MX records. A malicious actor who ca...
CVE-2026-42923
A flaw was found in Unbound's DNSSEC validator where the code path for consulting the negative cache for DS records does not honor the limit on NSEC3 hash calculations introduced in version 1.19.1. An adversary who controls a DNSSEC-signed zone can sign NSEC3 records with high iteration counts fo...
CVE-2026-32792
A flaw was found in Unbound. A remote attacker can exploit this vulnerability by sending a specially crafted DNSCrypt query. This malicious query, when processed, causes Unbound to read beyond its allocated memory, leading to a heap overflow. This can result in a denial of service DoS by crashing...
[SECURITY] Fedora 44 Update: unbound-1.25.1-1.fc44
Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: unbound: python3-unbound-1.25.1-1.hum1 aarch64, x8664 unbound-1.25.1-1.hum1 aarch64, x8664 unbound-anchor-1.25.1-1.hum1 aarch64, x8664 unbound-devel-1.25.1-1.hum1 aarch64, x8664...
CVE-2026-40622 affecting package unbound for versions less than 1.25.1-1
CVE-2026-40622 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42534 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42534 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-33278 affecting package unbound for versions less than 1.25.1-1
CVE-2026-33278 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-44390 affecting package unbound for versions less than 1.25.1-1
CVE-2026-44390 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42923 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42923 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42944 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42944 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-41292 affecting package unbound for versions less than 1.25.1-1
CVE-2026-41292 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-32792 affecting package unbound for versions less than 1.25.1-1
CVE-2026-32792 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42959 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42959 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-44608 affecting package unbound for versions less than 1.25.1-1
CVE-2026-44608 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42960 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42960 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CLSA-2026-1779533909 unbound: Fix of 3 CVEs
CVE-2026-33278: dangling pointer dereference in dnsmsgdeepcopyregion during DS sub-query suspend/resume; the previously-backported CVE-2023-50387-CVE-2023-50868.patch dragged the vulnerable 'res-rep = origin-rep;' struct-assignment into our 1.16.2 tree. Save the destination rrsets pointer,...