Security update for unbound
This update for unbound fixes the following issues:
- CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying
an incoming query into a large number of queries directed to a target (bsc#1171889).
- CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers
could have been used to make unbound unresponsive (bsc#1171889).
- CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed
code execution after receiving a special crafted answer (bsc#1157268).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
-
Submitted by
Rubén Torrero Marijnissen (rtorrero)
Fixed bugs
bnc#1171889
VUL-0: CVE-2020-12662,CVE-2020-12663 : unbound: Vulnerabilities fixed in 1.10.1
bnc#1157268
VUL-0: CVE-2019-18934: unbound: Remote shell code execution in the IPSEC module