U radu programskog paketa Unbound uočena je nova ranjivost koja dovodi do izvođenja napada uskraćivanja usluga.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-7555
2011-05-26 21:13:47
--------------------------------------------------------------------------------

Name        : unbound
Product     : Fedora 14
Version     : 1.4.8
Release     : 2.fc14
URL         : http://www.nlnetlabs.nl/unbound/
Summary     : Validating, recursive, and caching DNS(SEC) resolver
Description :
Unbound is a validating, recursive, and caching DNS(SEC) resolver.

The C implementation of Unbound is developed and maintained by NLnet
Labs. It is based on ideas and algorithms taken from a java prototype
developed by Verisign labs, Nominet, Kirei and ep.net.

Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
as a server, but are linked into an application) are easily possible.

--------------------------------------------------------------------------------
Update Information:

Denial of Service fix: CVE-2011-1922.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 25 2011 Paul Wouters <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.4.8-2
- Applied patch for CVE-2011-1922 DoS vulnerability
* Sat Mar 19 2011 Paul Wouters <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.4.8-1
- Updated to 1.4.8
- Enable root key for DNSSEC
- Fix unbound-munin to use proper file (could cause excessive logging)
- Build unbound-python per default
- Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
- ghost /var/run/unbound
- fix missing file-attr in unbound-python sub package
* Mon Feb 14 2011 Paul Wouters <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.4.5-3
- rebuilt
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update unbound' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce