Debian Patches
Status for unbound/1.17.1-2+deb12u3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| unbound-control-setup-check-openssl.patch | unbound-control-setup: check openssl Before doing anything, check if openssl binary (which we will use) is available, and print a useful error message if it is not found. diff --git a/smallapp/unbound-control-setup.sh.in b/smallapp/unbound-control-setup.sh.in index eaf1d082..be804879 100644 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-04-19 | ||
| do-not-chown-control-socket.patch | do not chown control socket There's no need to chown the control socket to the unbound user, only group ownership is actually useful. diff --git a/daemon/remote.c b/daemon/remote.c index 675ef439..76eb6118 100644 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-04-28 | ||
| do-not-look-at-pidfile.patch | diff --git a/daemon/unbound.c b/daemon/unbound.c index 457a0803..9d8491b3 100644 |
no | ||||
| fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch | Fix #812, fix #846, by using the SSL_OP_IGNORE_UNEXPECTED_EOF option to ignore the unexpected eof while reading in openssl >= 3. | George Thessalonikefs <george@nlnetlabs.nl> | not-needed | debian upstream | upstream, https://github.com/NLnetLabs/unbound/commit/d7e776114114c16816570e48ab3a27eedc401a0e | 2023-03-17 |
| CVE-2023-50387_CVE-2023-50868_1.16.1-1.17.1.patch | diff --git a/services/authzone.c b/services/authzone.c index 3898767c..4c63b2e0 100644 |
no | ||||
| CVE-2024-43168/01-193401e75.patch | fix heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c | zhailiangliang <zhailiangliang@loongson.cn> | yes | upstream | https://github.com/NLnetLabs/unbound/commit/193401e7543a1e561dd634a3eaae932fa462a2b9 | 2024-04-03 |
| CVE-2024-43168/02-dfff8d23c.patch | Adjust error text and disallow negative ports in other parts of cfg_mark_ports | "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | upstream | https://github.com/NLnetLabs/unbound/commit/dfff8d23cf4145c58e5c1e99d4159d3a91a70ab7 | 2024-04-03 |
| CVE-2024-43168/03-4497e8a15.patch | Fix potential overflow bug while parsing port in function cfg_mark_ports | zhailiangliang <zhailiangliang@loongson.cn> | yes | upstream | https://github.com/NLnetLabs/unbound/commit/4497e8a154f53cd5947a6ee5aa65cf99be57152e | 2024-05-07 |
| CVE-2024-43168/04-c085a5326.patch | Fix declaration before statement, avoid print of null, and redundant check for array size | "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | upstream | https://github.com/NLnetLabs/unbound/commit/c085a53268940dfbb907cbaa7a690740b6c8210c | 2024-05-07 |
| CVE-2024-43167/01-8e43e2574.patch | fix null pointer dereference issue in function ub_ctx_set_fwd of file libunbound/libunbound.c | zhailiangliang <zhailiangliang@loongson.cn> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/8e43e2574c4e02f79c562a061581cdcefe136912 | 2024-05-21 |
| CVE-2024-43167/02-86ee8ccd1.patch | Fix to print a parse error when config is read with no name for a forward-zone, stub-zone or view | "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/86ee8ccd121d6ad2db41e065b7d5e63605a324b2 | 2024-05-21 |
| CVE-2024-43167/03-d149e755f.patch | Fix for parse end of forward-zone, stub-zone and view. | "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/d149e755fd0b961fe6f0710ae88e7b2fa1662310 | 2024-05-21 |
| CVE-2024-43167/04-db1167c8b.patch | Fix "memory exhausted" error when defining more than 9994 local-zones | "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/db1167c8b38daf2a4352ba3e4e6d54740e999d29 | 2024-08-23 |
| CVE-2024-8508.patch | Fix CVE-2024-8508, unbounded name compression could lead to denial of service. | Yorgos Thessalonikefs <yorgos@nlnetlabs.nl> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/b7c61d7cc256d6a174e6179622c7fa968272c259 | 2024-10-03 |
| CVE-2024-33655.patch | Fix for the DNSBomb vulnerability CVE-2024-33655 Thanks to Xiang Li from the Network and Information Security Lab of Tsinghua University for reporting it. |
"W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | upstream | https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de | 2024-05-01 |
| CVE-2025-5994.patch | Fix RebirthDay Attack CVE-2025-5994 Reported by Xiang Li from AOSP Lab Nankai University. |
"W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | yes | debian upstream | https://github.com/NLnetLabs/unbound/commit/5bf82f246481098a6473f296b21fc1229d276c0f | 2025-07-16 |
| 0017-Updated-IPv4-and-IPv6-address-for-b.root-servers.net.patch | Updated IPv4 and IPv6 address for b.root-servers.net in root hints. See https://b.root-servers.org/news/2023/05/16/new-addresses.html . This fixes the `root_hints` longtest. |
"W.C.A. Wijngaards" <wouter@nlnetlabs.nl> | no | https://github.com/NLnetLabs/unbound/commit/a8739bad76d4d179290627e989c7ef236345bda6 | 2023-12-06 |
All known versions for source package 'unbound'
- 1.23.1-1 (sid, forky)
- 1.22.0-2 (trixie)
- 1.17.1-2+deb12u3 (bookworm-security, bookworm)