-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : unbound Version : 1.4.22-3+deb8u4 CVE ID : CVE-2017-15105 Debian Bug : 887733
Ralph Dolmans and Karst Koymans found a flaw in the way unbound, a validating, recursive, caching DNS resolver, validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof. For more information please refer to the upstream advisory at https://unbound.net/downloads/CVE-2017-15105.txt. For Debian 8 "Jessie", this problem has been fixed in version 1.4.22-3+deb8u4. We recommend that you upgrade your unbound packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlxl1GJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQQsxAAuxGz7Uprm65Rhxf9W6eWnMLcMqM9olmTdwrTwNIrfwfoxeXX+wf8X29x tnlWNJ4MsdTBtJYi7III+bNR5e8IOQWNZP7PLJjVHiedREQnh/yIUtz4Zb2ESb48 ehtN9xb0+MZ/TsaIQNGC7JNWLaIhd3Ic76hIs2MzfjlFrvat4nW2A1EwJ5Fe9WhK faHGxH+sAvV41RyGPX+QTQIZCoXgsNWFCTMNhiRFdW/w2VjMaeelLwD36V9LYjtE /hxV1Ywd0NKVQEA3BOvo85SlwDDaPBN6s1HNQy8RIR3R/F3RSBcpyB/ALFZGycEk 4VU6paC/PZ+tizKrUShuOTTYIt5KxnTDPnBlPaX+gR9397aIsBLxam7L7Mol9YuA OU3bglpXp9Dg8XRbri1KPdNxS2MUbCPeO2TIhJUoViZkxqh3I9cLgHa+72Dxv2zj inYJy7Kzgg29QgOy7KAPP2ovtOF+Ha8EZmym97BRQ2YWK8azxMQSujAKzVBv59Fq WAd+1Peh1Jk+yAqpVtwetioh9KaD/aHTlctMEkNwJlJg//S5vlNF+PRxSaM17YXt YIRUU2ST/x4e8GwgNa5f2AQYBUegKUOFNdoPp50Oon/C/p7PaPOSroWfPUe66T3i S092iTunZ0/aebCPgmkZWzLQ8y1zwud7QaUH0CEJAUvi/pq6vyg= =lvHO -----END PGP SIGNATURE-----
