CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2025/11/28 11:25:19
Modified files:
sbin/unwind/libunbound/iterator: Tag: OPENBSD_7_7 iter_scrub.c
usr.sbin/unbound/iterator: Tag: OPENBSD_7_7 iter_scrub.c
Log message:
Fix incomplete mitigation of CVE-2025-11411 in unbound and unwind.
https://nlnetlabs.nl/downloads/unbound/patch_CVE-2025-11411_2_wtests.diff
This extends the previous fix by also scrubbing unsolicited NS RRSets (and
their respective address records) for YXDOMAIN and nodata non-referral answers.
from sthen@ florian@
this is errata/7.7/017_unbound.patch.sig
