On 5/19/20 10:03, Wouter Wijngaards via Unbound-users wrote:
Hi,
Unbound 1.10.1 is available:
https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz
sha256 b73677c21a71cf92f15cc8cfe76a3d875e40f65b6150081c39620b286582d536
pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz.asc
This release fixes CVE-2020-12662 and CVE-2020-12663.
Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.
Best regards, Wouter
Got this version built on Solaris 11.4 with Studio 12.6. Still did get
the following error when compiling:
----------------------------------------------------------------------------------
"smallapp/unbound-checkconf.c", line 707: identifier redeclared:
auth_zones_delete
current : function() returning int
previous: function(pointer to struct auth_zones {struct
_pthread_rwlock {..} lock, struct rbtree_type {..} ztree, struct
rbtree_type {..} xtree, int have_downstream, unsigned long num_query_up,
unsigned long num_query_down, pointer to struct rpz {..} rpz_first,
struct _pthread_rwlock {..} rpz_lock}) returning void :
"./services/authzone.h", line 494
"smallapp/unbound-checkconf.c", line 708: syntax error before or at: }
cc: acomp failed for smallapp/unbound-checkconf.c
gmake: *** [Makefile:291: unbound-checkconf.lo] Error 1
----------------------------------------------------------------------------------
But got it sorted out by editing line 704 in
"smallapp/unbound-checkconf.c" changing from:
if(!az || !auth_zones_apply_cfg(az, cfg, 0i, &is_rpz)) {
To:
if(!az || !auth_zones_apply_cfg(az, cfg, 0, &is_rpz)) {
As per version 1.10.0 previously.
Thanks
--
---
Jaco Lesch
SAIX HLS
Email: [email protected]
