DSA-2370-1 unbound -- severalID: oval:org.secpod.oval:def:600653 | Date: (C)2012-01-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that Unbound, a recursive DNS resolver, would crash when processing certain malformed DNS responses from authoritative DNS servers, leading to denial of service. CVE-2011-4528 Unbound attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone. CVE-2011-4869 Unbound does not properly process malformed responses which lack expected NSEC3 records.
Platform: |
Debian 5.0 |
Debian 6.0 |