CVSROOT: /cvs Module name: src Changes by: bl...@cvs.openbsd.org 2024/02/14 05:09:48
Modified files: sbin/unwind/libunbound/services: Tag: OPENBSD_7_3 authzone.c sbin/unwind/libunbound/services/cache: Tag: OPENBSD_7_3 dns.c dns.h sbin/unwind/libunbound/util: Tag: OPENBSD_7_3 fptr_wlist.c netevent.c sbin/unwind/libunbound/validator: Tag: OPENBSD_7_3 val_nsec.c val_nsec3.c val_nsec3.h val_sigcrypt.c val_sigcrypt.h val_utils.c val_utils.h validator.c validator.h usr.sbin/unbound/services: Tag: OPENBSD_7_3 authzone.c usr.sbin/unbound/services/cache: Tag: OPENBSD_7_3 dns.c dns.h usr.sbin/unbound/testcode: Tag: OPENBSD_7_3 unitverify.c usr.sbin/unbound/util: Tag: OPENBSD_7_3 fptr_wlist.c usr.sbin/unbound/validator: Tag: OPENBSD_7_3 val_nsec.c val_nsec3.c val_nsec3.h val_sigcrypt.c val_sigcrypt.h val_utils.c val_utils.h validator.c validator.h Log message: Fix for CVE-2023-50387 and CVE-2023-50868. Both can be used to cause high CPU load and potentially denial of service with specifically crafted DNSSEC responses. from florian@ this is errata/7.3/026_unbound.patch.sig