Oracle Linux 6277 Published by

An unbound security update has been released for Oracle Linux 6.



El-errata: ELSA-2020-2640 Important: Oracle Linux 6 unbound security update


Oracle Linux Security Advisory ELSA-2020-2640

  http://linux.oracle.com/errata/ELSA-2020-2640.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
unbound-1.4.20-29.el6_10.1.i686.rpm
unbound-devel-1.4.20-29.el6_10.1.i686.rpm
unbound-libs-1.4.20-29.el6_10.1.i686.rpm
unbound-python-1.4.20-29.el6_10.1.i686.rpm

x86_64:
unbound-1.4.20-29.el6_10.1.x86_64.rpm
unbound-devel-1.4.20-29.el6_10.1.i686.rpm
unbound-devel-1.4.20-29.el6_10.1.x86_64.rpm
unbound-libs-1.4.20-29.el6_10.1.i686.rpm
unbound-libs-1.4.20-29.el6_10.1.x86_64.rpm
unbound-python-1.4.20-29.el6_10.1.i686.rpm
unbound-python-1.4.20-29.el6_10.1.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol6/SRPMS-updates/unbound-1.4.20-29.el6_10.1.src.rpm


Description of changes:

[1.4.20-29.1]
- Fix segfault in unbound-1.4.20-amplifying-an-incoming-query.patch
- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)

[1.4.20-28.1]
- Fix unbound-1.4.20-amplifying-an-incoming-query.patch patch so it
won't produce compiler warnings
- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)

[1.4.20-27.1]
- Fix amplifying an incoming query into a large number of queries
directed to a target
- Resolves: rhbz#1839171 (CVE-2020-12662), rhbz#1840257 (CVE-2020-12663)

[1.4.20-26.1]
- Resolves: #1655929 - Unbound crashed when running "unbound-control
log_reopen"