UbuntuUpdates.org

Bugs fixes in "unbound"

Origin Bug number Title Date fixed
CVE CVE-2019-25037 Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. 2021-05-06
CVE CVE-2019-25036 Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. 2021-05-06
CVE CVE-2019-25035 Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. 2021-05-06
CVE CVE-2019-25034 Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. 2021-05-06
CVE CVE-2019-25033 Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. 2021-05-06
CVE CVE-2019-25032 Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. 2021-05-06
CVE CVE-2019-25031 Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HT 2021-05-06
CVE CVE-2020-28935 NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that wou 2021-05-06
CVE CVE-2019-25042 Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. 2021-05-06
CVE CVE-2019-25041 Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. 2021-05-06
CVE CVE-2019-25040 Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. 2021-05-06
CVE CVE-2019-25039 Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. 2021-05-06
CVE CVE-2019-25038 Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. 2021-05-06
CVE CVE-2019-25037 Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. 2021-05-06
CVE CVE-2019-25036 Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. 2021-05-06
CVE CVE-2019-25035 Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. 2021-05-06
CVE CVE-2019-25034 Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. 2021-05-06
CVE CVE-2019-25033 Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. 2021-05-06
CVE CVE-2019-25032 Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. 2021-05-06
CVE CVE-2019-25031 Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HT 2021-05-06



About   -   Send Feedback to @ubuntu_updates