diff --git a/libunbound-devel-mini.changes b/libunbound-devel-mini.changes index 37bfa59..7ca22a5 100644 --- a/libunbound-devel-mini.changes +++ b/libunbound-devel-mini.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue May 19 10:45:19 UTC 2020 - Michael Ströder + +- update to 1.10.1 with security fixes + * CVE-2020-12662 Unbound can be tricked into amplifying an incoming + query into a large number of queries directed to a target. + * CVE-2020-12663 Malformed answers from upstream name servers can be + used to make Unbound unresponsive. + ------------------------------------------------------------------- Thu Feb 20 21:40:10 UTC 2020 - Michael Ströder diff --git a/libunbound-devel-mini.spec b/libunbound-devel-mini.spec index 6d5a20d..4454473 100644 --- a/libunbound-devel-mini.spec +++ b/libunbound-devel-mini.spec @@ -1,7 +1,7 @@ # # spec file for package libunbound-devel-mini # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: libunbound-devel-mini -Version: 1.10.0 +Version: 1.10.1 Release: 0 # # @@ -40,7 +40,7 @@ Conflicts: unbound-devel Conflicts: libunbound8 Provides: libunbound-devel = %{version}-%{release} # -Url: https://www.unbound.net/ +URL: https://www.unbound.net/ Source: https://www.unbound.net/downloads/unbound-%{version}.tar.gz Source1: libunbound-devel-mini-rpmlintrc Source5: root.key diff --git a/unbound-1.10.0.tar.gz b/unbound-1.10.0.tar.gz deleted file mode 100644 index a32d383..0000000 --- a/unbound-1.10.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:152f486578242fe5c36e89995d0440b78d64c05123990aae16246b7f776ce955 -size 5727902 diff --git a/unbound-1.10.1.tar.gz b/unbound-1.10.1.tar.gz new file mode 100644 index 0000000..0606cff --- /dev/null +++ b/unbound-1.10.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b73677c21a71cf92f15cc8cfe76a3d875e40f65b6150081c39620b286582d536 +size 5729334 diff --git a/unbound-1.10.1.tar.gz.asc b/unbound-1.10.1.tar.gz.asc new file mode 100644 index 0000000..23d8f11 --- /dev/null +++ b/unbound-1.10.1.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEE7fqj8spObrBWga+On28cLX4EX40FAl7DfsUACgkQn28cLX4E +X40VHw/+M1lo20IVhNUIazguIi1/Tupcl85v+ScCebbSCjg2m5qUvcUI11EBPeYO +DXmAMMJe7vGI3+luVoUowYX0TtyXmxQ5ynNrmbJPS+w5XQPPBs/svlYPPqIAxGXe +cyMLE7jjxkqxyxF1SzcOxaWUH8sFtujtiQEnpLijtEK93U8GXIbi/qg3FOn3dlLe +FeaCDhJH8zJuEYXZmzrZWXQKF2Zp5HG8vA65o2d4YeapjCXzPdIqGIUPthizhaCA +XCLra9NqtkziC9I/cLJU9xNqshjBiOgVVhWuNCj4Emql+5+gic5ekQNaTZu4a1Zv +q7VwCWBxyLK1aa4b8hS48nLiDc4bEco2wW1rAGLt/egDfEjGn4kQssDH1eYT1+qK +9oVEWuziHGMDaCNAZKEbpipUvbrvzrLQyTOiKZoOnpZkxRsOoNjS3B3moDarmFzw ++GQHar11AZsAPBBQnF/EvXFNqxtTLOXQPhv7Ui41Qp/gRVcPCY4BjqIUM0DCZ9yy +OU//yt5F2aAC+eKKllNVZsIPemT1WDWIqvtadrObJ6FbljY5C7SxHfVOQ/Z+RgeY +k6JvXPlUCncTS59dNaUWGLQHCsBFVyf1tB5cbOAUIrY4ujkHp+MvpGW2ZuEAEtC+ +Wr/XU3SpyogVSFibBZyxFuz1NaBY9dl1eCvsH/b1HS62HPl3YRY= +=R/Wl +-----END PGP SIGNATURE----- diff --git a/unbound.changes b/unbound.changes index a6297e2..53ea4ba 100644 --- a/unbound.changes +++ b/unbound.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue May 19 10:45:19 UTC 2020 - Michael Ströder + +- update to 1.10.1 with security fixes + * CVE-2020-12662 Unbound can be tricked into amplifying an incoming + query into a large number of queries directed to a target. + * CVE-2020-12663 Malformed answers from upstream name servers can be + used to make Unbound unresponsive. + ------------------------------------------------------------------- Thu Feb 20 21:40:10 UTC 2020 - Michael Ströder diff --git a/unbound.spec b/unbound.spec index 65aa987..4a7f778 100644 --- a/unbound.spec +++ b/unbound.spec @@ -1,7 +1,7 @@ # # spec file for package unbound # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -36,7 +36,7 @@ %define piddir /run Name: unbound -Version: 1.10.0 +Version: 1.10.1 Release: 0 # # @@ -71,7 +71,7 @@ BuildRequires: pkgconfig(libsystemd) %{?systemd_requires} %endif # -Url: https://www.unbound.net/ +URL: https://www.unbound.net/ Source: https://www.unbound.net/downloads/unbound-%{version}.tar.gz Source1: unbound.service Source2: unbound.conf