-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6071-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 04, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : unbound CVE ID : CVE-2025-11411 It was discovered that incorrect handling of promiscuous NS RRSets in Unbound, a validating, recursive, caching DNS resolver, could result in cache poisoning. For the stable distribution (trixie), this problem has been fixed in version 1.22.0-2+deb13u1. We recommend that you upgrade your unbound packages. For the detailed security status of unbound please refer to its security tracker page at: https://security-tracker.debian.org/tracker/unbound Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmkx7/AACgkQEMKTtsN8 TjY7CA//VnatBztWXPVbEozG6IgyJNqRDDgg8vh1UABAnq0UHkFgx1vknTmBSaqz hES7glvQpFCsphXT6HSOTHYDrTVIJMhvPxUxUUpkeEYN8Q4vxxVmD2rQXkh9xOQR BW0Gh/+UVuUUVBiB9mmECETb1lT4n7FUSvRpSKGwE/Nh7ClLMshZHTuxATpKj3ML aRufmVeuTDi8C1WT7xjbs4t0/+JTPS1LYtVfNtIDDm8MfpB21EjY26mPmvfCCa0n W1vl7BECuCh2cK4Tn991vUhbUwxzJ9gmAw+9L86yr+0IOtsGiUYExZclAmPx7H3f RUeqms16w8f4QxR/KWj3iYvpKBfPFrAhycdq/G9linC3kw9Ap8dasAWDj8ph749I 1jOVTh2KE5fOjYCXiE1RlZGN6SHqymYELivCm190X8lTnii/VhKtlqzThyeF7++E /a0ImMFIHH/0JXnasJeXs8jZCJm2ugl1VbokNVrE7B9+3zKEExp54dTzUsbyoRXP qz+lAlI9CAuFeha59YlM6CNz98j0YS2x7qdsRzb32QXZWvCX5rbNyKG9TnWsHOfo BgPDGKEMZdM8JLLLYUq0s+UboWf3vrEc5Go62TfTYexU5eFZ2IwRuwM4HTNFzGGO XBUv0upGSg8l9HI3Q23oivm5/z9eafV20swjydP1Q3IWBx28/ug= =IFUf -----END PGP SIGNATURE-----
