Source: unbound Version: 1.18.0-2 Severity: important Tags: security X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Today 2 remote exploitable High Severity CVE's were published and unbound has released version 1.19.1 to fix those. Relevant links: https://fosstodon.org/@nlnetlabs/111924266007688683 https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/ https://kb.isc.org/docs/cve-2023-50387 https://kb.isc.org/docs/cve-2023-50868 I think a Release Critical Severity is more appropriate, but none of the (by reportbug) presented options were applicable. It seems reportbug then changed it to 'normal', which I manually changed to 'important'. Fixing this bug would also fix bug #1051817, #1051818 and #1056631. Link: https://bugs.debian.org/1051817 Link: https://bugs.debian.org/1051818 Link: https://bugs.debian.org/1056631 - -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (101, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.13-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQT1sUPBYsyGmi4usy/XblvOeH7bbgUCZcuATAAKCRDXblvOeH7b buedAP0QEqqGjjN4ZP8nu+WdKqrUWupLtsaN6FqEyNOd5OSp3QD/Wfh/sE5azFqf 99HKnBGhNVhrnxlNYIPlEjIns5pVDQs= =thcd -----END PGP SIGNATURE-----