-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5987-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 27, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : unbound CVE ID : CVE-2024-8508 CVE-2024-33655 CVE-2025-5994 Multiple security issues were discovered in Unbound, a validating, recursive, caching DNS resolver, which may result in denial of service or cache poisoning via the "rebirthday attack". For the oldstable distribution (bookworm), these problems have been fixed in version 1.17.1-2+deb12u3. We recommend that you upgrade your unbound packages. For the detailed security status of unbound please refer to its security tracker page at: https://security-tracker.debian.org/tracker/unbound Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmivcf0ACgkQEMKTtsN8 TjYLDxAAtvQffhLgzKQtfVNIXibKGJNqbwQJhH3h6X/QXuvOdWRiwpkY1mcm1OuI NmwW0hJQ5elcTilZ8mTroLXiwhZ51dnvqFvoVeZuMEHeiTxPewhyzi5P97D8OBGv TBz19IJ4R8jKyZTae1cTZZx0y3i+U/ZFDDOsLWm40Zdw9bU0UAz67T258hZXVRXi EJ0s1E26E6rwAFh88iLoab5iM8DIGUlGHtubtAbACUkN2iIh3uR4rXMNZ6s6pzy5 E05gFR+GqDywSJg7Kv3LdhodHpMoBv5D9MmUzS2/a3Ev0Za8KN4VA5pNYwGccAOC etCZpfj8w7Ti7fldQJuGjvof2GGvxSSfNr4EBNqGCsagbwbr5bnxNc7Brfbj/qru 6tyGvRFn6aROs511dZCh/PETezyuxyDYlc7VYJDA9nOYQzan0J1XQKg3zRQO1fDD ewO/DsDVuPAoorsHgPvnqWl4lcJ2qtxBLsXXm8+ta8OrFznJgERgJk7DDPq3yztC aeTK0EmxOq11zCH9BPoQftrCeX906HQXfH5tQ3DaVLp49g4qCDKOgYWuUNYfv8KZ 7yxKEK7N5r3S8jn2IN8xS5UDsq3R/+HHpam99VJZEm7r99sZrjx562fUfdN8XOMs 9VfvHzXvyOBIFIvMZxzamEdUHM0CpxQOEMVaTjijSfG4Imdjk2c= =24SH -----END PGP SIGNATURE-----
