Bugs fixes in "unbound"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2019-25039 | Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. | 2021-05-06 |
| CVE | CVE-2019-25038 | Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. | 2021-05-06 |
| CVE | CVE-2019-25037 | Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. | 2021-05-06 |
| CVE | CVE-2019-25036 | Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. | 2021-05-06 |
| CVE | CVE-2019-25035 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. | 2021-05-06 |
| CVE | CVE-2019-25034 | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. | 2021-05-06 |
| CVE | CVE-2019-25033 | Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. | 2021-05-06 |
| CVE | CVE-2019-25032 | Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. | 2021-05-06 |
| CVE | CVE-2019-25031 | Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HT | 2021-05-06 |
| CVE | CVE-2020-28935 | NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that wou | 2021-05-06 |
| CVE | CVE-2019-25042 | Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. | 2021-05-06 |
| CVE | CVE-2019-25041 | Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. | 2021-05-06 |
| CVE | CVE-2019-25040 | Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. | 2021-05-06 |
| CVE | CVE-2019-25039 | Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. | 2021-05-06 |
| CVE | CVE-2019-25038 | Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. | 2021-05-06 |
| CVE | CVE-2019-25037 | Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. | 2021-05-06 |
| CVE | CVE-2019-25036 | Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. | 2021-05-06 |
| CVE | CVE-2019-25035 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. | 2021-05-06 |
| CVE | CVE-2019-25034 | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. | 2021-05-06 |
| CVE | CVE-2019-25033 | Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. | 2021-05-06 |
About
-
Send Feedback to @ubuntu_updates
