projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 497e3df)
package/unbound: bump version to 1.10.1 for security fixes
authorStefan Ott <stefan@ott.net>
Fri, 22 May 2020 01:40:26 +0000 (03:40 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Fri, 22 May 2020 12:06:01 +0000 (14:06 +0200)
Fixes the following security vulnerabilities:

CVE-2020-12662: Unbound can be tricked into amplifying an incoming query
  into a large number of queries directed to a target.

CVE-2020-12663: Malformed answers from upstream name servers can be used
  to make Unbound unresponsive.

Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/unbound/unbound.hash patch | blob | history
package/unbound/unbound.mk patch | blob | history

diff --git a/package/unbound/unbound.hash b/package/unbound/unbound.hash
index 11626d0b6f6301e8f49277617fa0a15c55d4b4cb..52d78e1678b6d252c7fc54518b052ab9384a9fdf 100644 (file)
--- a/package/unbound/unbound.hash
+++ b/package/unbound/unbound.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256 152f486578242fe5c36e89995d0440b78d64c05123990aae16246b7f776ce955  unbound-1.10.0.tar.gz
+sha256 b73677c21a71cf92f15cc8cfe76a3d875e40f65b6150081c39620b286582d536  unbound-1.10.1.tar.gz
 sha256 8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE
diff --git a/package/unbound/unbound.mk b/package/unbound/unbound.mk
index 59543438fd19ff869c8e04de2ccfb78f040db24c..0917db1deff496ceb67e28e69fe20ea479f2f35a 100644 (file)
--- a/package/unbound/unbound.mk
+++ b/package/unbound/unbound.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UNBOUND_VERSION = 1.10.0
+UNBOUND_VERSION = 1.10.1
 UNBOUND_SITE = https://www.unbound.net/downloads
 UNBOUND_DEPENDENCIES = host-pkgconf expat libevent openssl
 UNBOUND_LICENSE = BSD-3-Clause