[SECURITY] Fedora EPEL 5 Update: unbound-1.3.4-1.el5

updates at fedoraproject.org updates at fedoraproject.org
Sat Oct 10 20:26:50 UTC 2009


--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2009-0625
2009-10-10 20:12:17.235297
--------------------------------------------------------------------------------

Name        : unbound
Product     : Fedora EPEL 5
Version     : 1.3.4
Release     : 1.el5
URL         : http://www.nlnetlabs.nl/unbound/
Summary     : Validating, recursive, and caching DNS(SEC) resolver
Description :
Unbound is a validating, recursive, and caching DNS(SEC) resolver.

The C implementation of Unbound is developed and maintained by NLnet
Labs. It is based on ideas and algorithms taken from a java prototype
developed by Verisign labs, Nominet, Kirei and ep.net.

Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
as a server, but are linked into an application) are easily possible.

--------------------------------------------------------------------------------
Update Information:

Fixes a bug in NSEC3 validation handling code: Under specific circumstances
checks of signatures over NSEC3 records are not done. As a result carefully
crafted delegation responses (created through exploiting general DNS
vulnerabilities such as DNS packet spoofing) can be used to downgrade an
existing secure delegation to insecure.
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update unbound' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the epel-package-announce mailing list