> If the user has messed with the configuration > of the local_unbound resolver to open it up to the network and get DoS’d from > the remote network, I don’t feel this is something secteam is responsible for > responding to.
Thanks, Gordon. That's a fair point. Security scanners will still find unbound 1.19.1, though, and report it as vulnerable. An advisory (or errata?) explaining the situation would make it clear that there is no actual vulnerability in the base system unbound. Just my $.02, take it or leave it. -spw
