Todo #15483
open
Added by Glenn Hall 4 months ago.
Updated 4 months ago.
Plus Target Version:
24.08
Description
Update Unbound to version 1.20.0, as this newest version contains a fix for the DNSBomb vulnerability CVE-2024-33655.
- Priority changed from Normal-package to Normal
- Target version set to 2.8.0
- Plus Target Version set to 24.07
If you read the details that isn't really a vulnerability in Unbound and they only added/changed some default values to make it less of a tempting middleman for attackers. We're already working on updating it, but it's not as critical as if it were a flaw in Unbound itself.
- Plus Target Version changed from 24.07 to 24.08
Also available in: Atom
PDF