main/unbound: security upgrade to 1.21.1 (!73015) · Merge requests · alpine / aports

Daniel Néri requested to merge dne/aports:unbound-1.21.1 into master Oct 04, 2024

CVE-2024-8508: "Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well orchestrated attacks."

https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt
https://github.com/NLnetLabs/unbound/releases/tag/release-1.21.1

main/unbound: security upgrade to 1.21.1

Merge request reports