Actions
Bug #10576
closed
Update unbound to mitigate CVE-2020-12662
Start date:
05/20/2020
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All
Description
Unbound is vulnerable to a new type of DNS amplification attack dubbed NXNSAttack.
Updated by Jim Pingle over 4 years ago
- Category set to DNS Resolver
- Assignee set to Renato Botelho
- Priority changed from Normal to High
- Target version set to 2.4.5-p1
- Affected Version set to All
- Affected Architecture All added
Updated by Renato Botelho over 4 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Done
Updated by Jim Pingle over 4 years ago
New version is offered on 2.4.5:
unbound-1.9.6 < needs updating (remote has 1.10.1)
Upgrades OK:
: pkg upgrade -y unbound
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
unbound: 1.9.6 -> 1.10.1 [pfSense]
python37: 3.7.6 -> 3.7.7 [pfSense]
Number of packages to be upgraded: 2
17 MiB to be downloaded.
[1/2] Fetching unbound-1.10.1.txz: 100% 1 MiB 385.6kB/s 00:03
[2/2] Fetching python37-3.7.7.txz: 100% 16 MiB 618.1kB/s 00:27
Checking integrity... done (0 conflicting)
[1/2] Upgrading python37 from 3.7.6 to 3.7.7...
[1/2] Extracting python37-3.7.7: 100%
[2/2] Upgrading unbound from 1.9.6 to 1.10.1...
===> Creating groups.
Using existing group 'unbound'.
===> Creating users
Using existing user 'unbound'.
[2/2] Extracting unbound-1.10.1: 100%
Service is running, restarts fine, no errors. Resolves as expected with a basic config. Works the same after a reboot. If others encounter problems, we can address them with new issues.
Actions