fcb33424c5
jakob@ and myself. See http://www.unbound.net/downloads/CVE-2011-4528.txt for more details, summary from the above is below: -- Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed.Unbound also crashes when confronted with a query that eventually, and under specific circumstances, resolves to a domain that misses expected NSEC3 records. These two problems were discovered within 24 hours, hence a combined vulnerability disclosure. By constructing the non standard responses an attacker can use these vulnerabilities for a DOS attack. To our knowledge 'denial of service' is the only type of exploit possible. --
12 lines
678 B
Plaintext
12 lines
678 B
Plaintext
$OpenBSD: patch-Makefile_in,v 1.14 2011/12/20 10:49:19 sthen Exp $
|
|
--- Makefile.in.orig Fri Nov 11 09:49:19 2011
|
|
+++ Makefile.in Tue Dec 13 07:37:19 2011
|
|
@@ -467,7 +467,6 @@ install: all $(PYTHONMOD_INSTALL) $(PYUNBOUND_INSTALL)
|
|
if test ! -e $(DESTDIR)$(configfile); then $(INSTALL) -d `dirname $(DESTDIR)$(configfile)`; $(INSTALL) -c -m 644 doc/example.conf $(DESTDIR)$(configfile); fi
|
|
$(LIBTOOL) --mode=install cp $(srcdir)/libunbound/unbound.h $(DESTDIR)$(includedir)/unbound.h
|
|
$(LIBTOOL) --mode=install cp libunbound.la $(DESTDIR)$(libdir)
|
|
- $(LIBTOOL) --mode=finish $(DESTDIR)$(libdir)
|
|
|
|
pythonmod-uninstall:
|
|
rm -f -- $(DESTDIR)$(PYTHON_SITE_PKG)/unboundmodule.py
|