Upstream has issued an advisory today (May 19): https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt The issues are fixed upstream in 1.10.1. Mageia 7 is also affected.
Status comment: (none) => Fixed upstream in 1.10.1Whiteboard: (none) => MGA7TOO
CC: (none) => mageiaVersion: Cauldron => 7Whiteboard: MGA7TOO => (none)
1.10.1 pushed into cauldron.
Advisory: ======================== Updated unbound packages fix security vulnerability: - CVE-2020-12662 Unbound can be tricked into amplifying an incoming query into a large number of queries directed to a target. - CVE-2020-12663 Malformed answers from upstream name servers can be used to make Unbound unresponsive. References: https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt Updated packages in core/updates_testing: ======================== unbound-1.10.1-1.mga7 libunbound8-1.10.1-1.mga7 libunbound-devel-1.10.1-1.mga7 python2-unbound-1.10.1-1.mga7 python3-unbound-1.10.1-1.mga7 unbound-debuginfo-1.10.1-1.mga7 libunbound8-debuginfo-1.10.1-1.mga7 python2-unbound-debuginfo-1.10.1-1.mga7 python3-unbound-debuginfo-1.10.1-1.mga7 from: unbound-1.10.1-1.mga7
Assignee: eatdirt => qa-bugs
Status comment: Fixed upstream in 1.10.1 => (none)
MGA7-64 Plasma on Lenovo B50 No installation issues omitting the devel and debug packages. Ref bug 25974 Comment 1 for testing. # systemctl start unbound # systemctl -l status unbound ● unbound.service - Unbound DNS Resolver Loaded: loaded (/usr/lib/systemd/system/unbound.service; disabled; vendor preset: disabled) Active: active (running) since Wed 2020-05-20 13:48:16 CEST; 18s ago Main PID: 8189 (unbound) Tasks: 1 (limit: 4915) Memory: 5.6M CGroup: /system.slice/unbound.service └─8189 /usr/sbin/unbound -c /etc/unbound/unbound.conf May 20 13:48:16 mach5.hviaene.thuis systemd[1]: Started Unbound DNS Resolver. May 20 13:48:16 mach5.hviaene.thuis unbound[8189]: [8189:0] notice: init module 0: validator May 20 13:48:16 mach5.hviaene.thuis unbound[8189]: [8189:0] notice: init module 1: iterator May 20 13:48:16 mach5.hviaene.thuis unbound[8189]: [8189:0] info: start of service (unbound 1.10.1). OK.
Whiteboard: (none) => MGA7-64-OKCC: (none) => herman.viaene
Validating. Advisory in Comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0224.html
Status: NEW => RESOLVEDResolution: (none) => FIXED