CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2024/02/14 05:09:48
Modified files:
sbin/unwind/libunbound/services: Tag: OPENBSD_7_3 authzone.c
sbin/unwind/libunbound/services/cache: Tag: OPENBSD_7_3 dns.c
dns.h
sbin/unwind/libunbound/util: Tag: OPENBSD_7_3 fptr_wlist.c
netevent.c
sbin/unwind/libunbound/validator: Tag: OPENBSD_7_3 val_nsec.c
val_nsec3.c val_nsec3.h
val_sigcrypt.c val_sigcrypt.h
val_utils.c val_utils.h
validator.c validator.h
usr.sbin/unbound/services: Tag: OPENBSD_7_3 authzone.c
usr.sbin/unbound/services/cache: Tag: OPENBSD_7_3 dns.c dns.h
usr.sbin/unbound/testcode: Tag: OPENBSD_7_3 unitverify.c
usr.sbin/unbound/util: Tag: OPENBSD_7_3 fptr_wlist.c
usr.sbin/unbound/validator: Tag: OPENBSD_7_3 val_nsec.c
val_nsec3.c val_nsec3.h
val_sigcrypt.c val_sigcrypt.h
val_utils.c val_utils.h validator.c
validator.h
Log message:
Fix for CVE-2023-50387 and CVE-2023-50868.
Both can be used to cause high CPU load and potentially denial of
service with specifically crafted DNSSEC responses.
from florian@
this is errata/7.3/026_unbound.patch.sig
