version 1.6, 2018/02/02 22:43:05 |
version 1.7, 2018/02/07 20:41:46 |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
<li id="p008_unbound"> |
|
<font color="#009000"> |
|
<strong>008: SECURITY FIX: February 7, 2018</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A flaw was found in the way unbound validated wildcard-synthesized |
|
NSEC records. An improperly validated wildcard NSEC record could be |
|
used to prove the non-existence (NXDOMAIN answer) of an existing |
|
wildcard record, or trick unbound into accepting a NODATA proof. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/008_unbound.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
</ul> |
</ul> |
|
|
<hr> |
<hr> |