Package "unbound"

Name:	unbound
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: static library, header files, and docs for libunbound library implementing DNS resolution and validation
Latest version:	1.13.1-1ubuntu5.11
Release:	jammy (22.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "unbound" in Jammy

Repository	Area	Version
base	main	1.13.1-1ubuntu5
base	universe	1.13.1-1ubuntu5
security	universe	1.13.1-1ubuntu5.11
updates	main	1.13.1-1ubuntu5.12
updates	universe	1.13.1-1ubuntu5.12

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.13.1-1ubuntu5.11 2025-07-24 19:09:39 UTC

unbound (1.13.1-1ubuntu5.11) jammy-security; urgency=medium * SECURITY UPDATE: Rebirthday Attack cache poisoning issue - debian/patches/CVE-2025-5994.patch: Fix issue in edns-subnet/subnetmod.c, edns-subnet/subnetmod.h. - CVE-2025-5994 -- Marc Deslauriers <email address hidden> Fri, 18 Jul 2025 13:40:33 -0400

Source diff to previous version

CVE-2025-5994

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS)

Version: 1.13.1-1ubuntu5.8 2024-10-22 11:07:00 UTC

unbound (1.13.1-1ubuntu5.8) jammy-security; urgency=medium * SECURITY UPDATE: denial of service via large RRsets compression - debian/patches/CVE-2024-8508.patch: limit name compression calculations per packet to avoid CPU lockup in util/data/msgencode.c - CVE-2024-8508 -- Vyom Yadav <email address hidden> Thu, 17 Oct 2024 11:28:18 +0530

Source diff to previous version

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform

Version: 1.13.1-1ubuntu5.7 2024-09-11 08:06:54 UTC

unbound (1.13.1-1ubuntu5.7) jammy-security; urgency=medium * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2024-43167-1.patch: fix null pointer dereference issue in function ub_ctx_set_fwd of file libunbound/libunbound.c - debian/patches/CVE-2024-43167-2.patch: fix to print a parse error when config is read with no name for a forward-zone, stub- zone or view. - CVE-2024-43167 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2024-43168-1.patch: fix heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c - debian/patches/CVE-2024-43168-2.patch: adjust error text and disallow negative ports in other parts of cfg_mark_ports. - CVE-2024-43168 -- Bruce Cable <email address hidden> Thu, 05 Sep 2024 16:35:49 +1000

Source diff to previous version

CVE-2024-43167	A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific seque
CVE-2024-43168	A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue

Version: 1.13.1-1ubuntu5.5 2024-05-28 14:07:11 UTC

Version: 1.13.1-1ubuntu5.5	2024-05-28 14:07:11 UTC
unbound (1.13.1-1ubuntu5.5) jammy-security; urgency=medium * SECURITY UPDATE: Unbound could be used to take part in a DoS attack - debian/patches/CVE-2024-33655.patch: fix for the DNSBomb vulnerability in doc/example.conf.in, doc/unbound.conf.5.in, services/cache/infra.c, services/cache/infra.h, services/mesh.c, testdata/*, util/config_file.c, util/config_file.h, util/configlexer.lex, util/configparser.y. - CVE-2024-33655 -- Marc Deslauriers <email address hidden> Wed, 15 May 2024 13:34:34 +0200
Source diff to previous version

unbound (1.13.1-1ubuntu5.5) jammy-security; urgency=medium * SECURITY UPDATE: Unbound could be used to take part in a DoS attack - debian/patches/CVE-2024-33655.patch: fix for the DNSBomb vulnerability in doc/example.conf.in, doc/unbound.conf.5.in, services/cache/infra.c, services/cache/infra.h, services/mesh.c, testdata/*, util/config_file.c, util/config_file.h, util/configlexer.lex, util/configparser.y. - CVE-2024-33655 -- Marc Deslauriers <email address hidden> Wed, 15 May 2024 13:34:34 +0200

Source diff to previous version

Version: 1.13.1-1ubuntu5.4 2024-02-28 15:07:03 UTC

unbound (1.13.1-1ubuntu5.4) jammy-security; urgency=medium * SECURITY UPDATE: Denial of service issues via DNSSEC responses - debian/patches/CVE-2023-50387_CVE-2023-50868_1.12.0-1.13.1.patch: patch obtained from Debian's 1.13.1-1+deb11u2 package, thanks to Salvatore Bonaccorso. - CVE-2023-50387 - CVE-2023-50868 -- Marc Deslauriers <email address hidden> Tue, 27 Feb 2024 16:53:18 -0500

CVE-2023-50387	Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU
CVE-2023-50868	The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of se

About - Send Feedback to @ubuntu_updates

Package "unbound"

Links

Other versions of "unbound" in Jammy

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates