RHSA-2022:8062-01 -- Redhat unbound, python3-unboundID: oval:org.secpod.oval:def:507352 | Date: (C)2022-11-23 (M)2023-04-06 |
Class: PATCH | Family: unix |
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed : 1981415 - unbound: don"t use deprecated functions in OpenSSL 3.0 2056116 - unbound-devel is not available on Centos 9 Stream
Platform: |
Red Hat Enterprise Linux 9 |
Product: |
unbound |
python3-unbound |