The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: integer overflow in the regional allocator via regional_alloc * unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write * unbound: out-of-bounds write in sldns_bget_token_par * unbound: assertion failure and denial of service in synth_cname * unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet * unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c * unbound: integer overflow in a size calculation in respip/respip.c * unbound: infinite loop via a compressed name in dname_pkt_copy * unbound: assertion failure via a compressed name in dname_pkt_copy * unbound: out-of-bounds write via a compressed name in rdata_copy * unbound: symbolic link traversal when writing PID file For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.