unbound: Update to 1.16.3

For details see:
https://lists.nlnetlabs.nl/pipermail/unbound-users/2022-September/007885.html

"This release fixes CVE-2022-3204 Non-Responsive Delegation
Attack. It was reported by Yehuda Afek from Tel-Aviv
University and Anat Bremler-Barr and Shani Stajnrod from
Reichman University.

This fixes for better performance when under load, by cutting
promiscuous queries for nameserver discovery and limiting the
number of times a delegation point can look in the cache for
missing records.

Bug Fixes
- Patch for CVE-2022-3204 Non-Responsive Delegation Attack."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound
index 7fc4f191ab85362a27b71f23ecaec6863f65d229..7af787f29e41cc48ad7a4f0a740d4a84f6eb0a85 100644 (file)
--- a/config/rootfiles/common/unbound
+++ b/config/rootfiles/common/unbound
@@ -11,7 +11,7 @@ etc/unbound/unbound.conf
 #usr/lib/libunbound.la
 #usr/lib/libunbound.so
 usr/lib/libunbound.so.8
-usr/lib/libunbound.so.8.1.18
+usr/lib/libunbound.so.8.1.19
 #usr/lib/pkgconfig/libunbound.pc
 usr/sbin/unbound
 usr/sbin/unbound-anchor

diff --git a/lfs/unbound b/lfs/unbound
index 5a3c70cafdda33e7551383e5ee46e49afe9b5192..636fe8bf91ad24baaca827bd15a31ce7f81c4ea8 100644 (file)
--- a/lfs/unbound
+++ b/lfs/unbound
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.16.2
+VER        = 1.16.3
 
 THISAPP    = unbound-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 2f7f119d12807ff5c000fd500be72a0825614da3e1f079f9b8d15a651bda2fa0b41599a55c6f76b17ff56120aa61e48042469063f08dd199333520172ca16750
+$(DL_FILE)_BLAKE2 = b97deade78ab903363e06ff9d71b9895c754378ec276bb17556de62c48a88af5fbabd26f97fb47313d1e631fe75dee245aa38fbf42a865ac3e764882a1124a51
 
 install : $(TARGET)