Security update for unbound (important)

An update that solves 13 vulnerabilities and has three
fixes is now available.

Description:

This update for unbound fixes the following issues:

• CVE-2019-25031: Fixed configuration injection in
  create_unbound_ad_servers.sh upon a successful man-in-the-middle attack
  (bsc#1185382).
• CVE-2019-25032: Fixed integer overflow in the regional allocator via
  regional_alloc (bsc#1185383).
• CVE-2019-25033: Fixed integer overflow in the regional allocator via the
  ALIGN_UP macro (bsc#1185384).
• CVE-2019-25034: Fixed integer overflow in
  sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write
  (bsc#1185385).
• CVE-2019-25035: Fixed out-of-bounds write in sldns_bget_token_par
  (bsc#1185386).
• CVE-2019-25036: Fixed assertion failure and denial of service in
  synth_cname (bsc#1185387).
• CVE-2019-25037: Fixed assertion failure and denial of service in
  dname_pkt_copy via an invalid packet (bsc#1185388).
• CVE-2019-25038: Fixed integer overflow in a size calculation in
  dnscrypt/dnscrypt.c (bsc#1185389).
• CVE-2019-25039: Fixed integer overflow in a size calculation in
  respip/respip.c (bsc#1185390).
• CVE-2019-25040: Fixed infinite loop via a compressed name in
  dname_pkt_copy (bsc#1185391).
• CVE-2019-25041: Fixed assertion failure via a compressed name in
  dname_pkt_copy (bsc#1185392).
• CVE-2019-25042: Fixed out-of-bounds write via a compressed name in
  rdata_copy (bsc#1185393).
• CVE-2020-28935: Fixed symbolic link traversal when writing PID file
  (bsc#1179191).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4:

  zypper in -t patch openSUSE-SLE-15.4-2022-176=1

• openSUSE Leap 15.3:

  zypper in -t patch openSUSE-SLE-15.3-2022-176=1