-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 06 May 2021 23:34:12 +0200 Source: unbound1.9 Binary: libunbound8 unbound unbound-anchor unbound-host Architecture: source Version: 1.9.0-2+deb10u2~deb9u2 Distribution: stretch-security Urgency: high Maintainer: Debian LTS team <debian-lts@lists.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libunbound8 - library implementing DNS resolution and validation unbound - validating, recursive, caching DNS resolver unbound-anchor - utility to securely fetch the root DNS trust anchor unbound-host - reimplementation of the 'host' command Changes: unbound1.9 (1.9.0-2+deb10u2~deb9u2) stretch-security; urgency=high . * Non-maintainer upload of the LTS team. * Fix CVE-2019-25031, CVE-2019-25032, CVE-2019-25033, CVE-2019-25034, CVE-2019-25035, CVE-2019-25036, CVE-2019-25037, CVE-2019-25038, CVE-2019-25039, CVE-2019-25040, CVE-2019-25041, CVE-2019-25042 and CVE-2019-25043. Several security vulnerabilities have been discovered in Unbound by security researchers of X41 D-SEC located in Aachen, Germany. Integer overflows, assertion failures, an out-of-bound write and an infinite loop vulnerability may lead to a denial-of-service or have a negative impact on data confidentiality. Checksums-Sha1: 8f9209a1583bfefe3231d04641edb1821a6b1f8b 3009 unbound1.9_1.9.0-2+deb10u2~deb9u2.dsc f024bcd03af7493b3720d20b05c5a3b6d03eebb3 30264 unbound1.9_1.9.0-2+deb10u2~deb9u2.debian.tar.xz 63a56783f0b8b09bef813db61115742e4b287661 10213 unbound1.9_1.9.0-2+deb10u2~deb9u2_amd64.buildinfo Checksums-Sha256: f35b3cdfb7e88df21a5a0d47ceda0ac1d5994e4c1e0de8488786e69054ea81d4 3009 unbound1.9_1.9.0-2+deb10u2~deb9u2.dsc d8e4d5ec17d1e4f345fd6d4aaac113ff119aabcc3502582e62493bd82e9cf36b 30264 unbound1.9_1.9.0-2+deb10u2~deb9u2.debian.tar.xz febf7b80e7d498540f2f10801e8aa5a8e27b109b3028d7ffc7055c385b235652 10213 unbound1.9_1.9.0-2+deb10u2~deb9u2_amd64.buildinfo Files: 6f323bc8d23e0b62ea384e44f320d3e5 3009 net optional unbound1.9_1.9.0-2+deb10u2~deb9u2.dsc 9ca1e538c2ea0575b4f1d83999d23852 30264 net optional unbound1.9_1.9.0-2+deb10u2~deb9u2.debian.tar.xz c94968711f08d8dbe276f05a4e17daff 10213 net optional unbound1.9_1.9.0-2+deb10u2~deb9u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmCUZKxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkPwkP/i1A5Dw9KZjCt4Gbzu1nQDTQ4IH5Q7BMo86v aTOg684DEWyAhD14L8RzT28iDPS7qXaRl7dCpEA0g/NZw2PNBYRT4vtwHskwpKJb ygT0TIDf5zK+m7w7pJ7Gdju9Bxfxq9IeypMRCVvpk76vpExgsvj2VM7XPoUjnyt0 nDAqfgMTC/O5KglmoyU2HY6yjKFd++zNhw5rut3R7kyorDkGAeCYR3R3mcrllQ90 7ckoQbTdje5bAuXZKtf6iwz6u3mX9IwtMcitNoHEHlZHI85zy+f6SUXlj8QdaaWp tZV7f0EZNmPm0nVC0DCNvPMFfgEPypCykrDVBwWna8tzhtx/xQGiWMsWODjDLYOZ vGbFyxkpefiwbE7V1f4KpFypNqgHMx4OEkcG7senUSMYPXJnEMjxkip7ZuDkRB+B YHNBsN/TdnIUjNADq9MS7ZD/+TyQ6XsROi9m+VJeNWybGfMUow+H7vk2IJAYuuXE QGMUHY6skPeormdb+/5CFD+yEz00I+xIiNmAu7seD8n7NQdmIT4IZI7CiV8j3YQ/ qukA161WfiI3qCy9lI1QpX7TW17hhHQTDLb3FUc1KAO5BZ+wMobX92aEBs5wq4OK sYnxqZvBY83nelVj+3Oa6YVOM1PWDKloScy29qVdbVv+ZBP8PxSFfpsr4PbCNBts bfwIrzGM =+73p -----END PGP SIGNATURE-----