-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 13 Feb 2024 21:15:34 +0100 Source: unbound Architecture: source Version: 1.13.1-1+deb11u2 Distribution: bullseye-security Urgency: high Maintainer: unbound packagers Changed-By: Salvatore Bonaccorso Closes: 1063845 Changes: unbound (1.13.1-1+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Address DNSSEC protocol vulnerabilities (Closes: #1063845) - Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers. - Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU. Checksums-Sha1: c0201ed9b8890d8fe94e29ca4104fcfd68bf283e 3198 unbound_1.13.1-1+deb11u2.dsc 561522b06943f6d1c33bd78132db1f7020fc4fd1 5976957 unbound_1.13.1.orig.tar.gz f20b17d911dfa8efb58ee412207829cea2d964c4 833 unbound_1.13.1.orig.tar.gz.asc c6ed27f27987beb1550ac25e4c292fae4d3da1f7 44472 unbound_1.13.1-1+deb11u2.debian.tar.xz Checksums-Sha256: 4594320d0d1c8997ce17530763637ae96dcf72ce5d9412a01a9fd71806ac6afe 3198 unbound_1.13.1-1+deb11u2.dsc 8504d97b8fc5bd897345c95d116e0ee0ddf8c8ff99590ab2b4bd13278c9f50b8 5976957 unbound_1.13.1.orig.tar.gz 1ca1fb3db4baa3e831bc42fcecf3eaceb316abf7a2d816dc46d0efcd199f419e 833 unbound_1.13.1.orig.tar.gz.asc 2c0289540d8530d2a7cf377d4fe2ba87f4998a37e452d5b8b4f8d353b89dd2e7 44472 unbound_1.13.1-1+deb11u2.debian.tar.xz Files: 2d1aa1cfbd128149d6432ae421327e31 3198 net optional unbound_1.13.1-1+deb11u2.dsc 0cd660a40d733acc6e7cce43731cac62 5976957 net optional unbound_1.13.1.orig.tar.gz 4c3726440d8271df13ba2189846141e6 833 net optional unbound_1.13.1.orig.tar.gz.asc 93f94d93ed156ca1ede8b9b2aae75d53 44472 net optional unbound_1.13.1-1+deb11u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmXLz2NfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EpgAP/R+s8jPMGZF47V1jOg1kaSvjtK/5nDhy ZhvxBBW+JOIMJKluDTHy5T6w7eACTevhuvMDRGUMVcA+tYx0rB1iJQpkkonrsvyk EhkEmmeYVnFlhhYg6atknakAy63bFlV+cIKfT2a2FkA1ZXh1eN88XqHV4zAYk9pe RtnLkaQWgd+myHjIfRKVGWbsV7dJ0FPKogo0rct/y9tzk5ndC0YT5JmDS/8X5dI/ pciFu3yNIBqRdI4MLBzExB4pAKv6TVvDkoJ3T8+3i9ZP+2cjgDDQfFTxBcOUKYd7 1Zgz2Us9ij7ov/iFmSE6EFrxQqWoFKaVvCoqLhV+1l9paeF1i942qZujfpkEuzpm 2bFbfKRsyc6p4MJZImI9mizWxhGpL3AyC8hUHDJeBSUbH/CEl84V4UpIN+8UbihD Wjiik5RP+UjqCDjGHJEc1fat/8J1lOarTwzFX/wI0/bxfyW4pLlciLRzK1FrP3pa gPeb5hVQ4d6WvWnnSnrb1Kd1dX1Hsty2vFFpvto9NuEKHnTx2LbzYR+hS0kn31RL vzi9/jB3ND0ztN+dr8uwLaeTvTq69ssuLjlGOZeqTSwzWhM5t2VEiHkFOt+URVol iEalYs5jmmbbfvqR0INMBfDQW7P7a/Q7/nO1tXT0S1i7OYv0KKqsl21e8k6VwvWA 8+SujWaIIuAN =/SSJ -----END PGP SIGNATURE-----