]> git.ipfire.org Git - thirdparty/unbound.git/commit
projects / thirdparty / unbound.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bbeee42) | patch
- Fix CVE-2025-11411 (possible domain hijacking attack), reported by Yuxiao Wu, branch-1.24.1 release-1.24.1
authorYorgos Thessalonikefs <yorgos@nlnetlabs.nl>
Wed, 22 Oct 2025 08:54:57 +0000 (10:54 +0200)
committerYorgos Thessalonikefs <yorgos@nlnetlabs.nl>
Wed, 22 Oct 2025 08:54:57 +0000 (10:54 +0200)
commita33f0638e1dacf2633cf2292078a674576bca852
tree1576e436b1fdbca2fa5aad60bb6d9c6a89bdf6a5tree | snapshot
parentbbeee42e2574c87c5dd0b6d8e5c2094a21a27de0commit | diff
- Fix CVE-2025-11411 (possible domain hijacking attack), reported by Yuxiao Wu,
  Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua University.
151 files changed:
daemon/remote.c diff | blob | blame | history
doc/example.conf.in diff | blob | blame | history
doc/unbound-control.8.in diff | blob | blame | history
doc/unbound-control.rst diff | blob | blame | history
doc/unbound.conf.5.in diff | blob | blame | history
doc/unbound.conf.rst diff | blob | blame | history
iterator/iter_scrub.c diff | blob | blame | history
testdata/autotrust_init.rpl diff | blob | blame | history
testdata/autotrust_init_ds.rpl diff | blob | blame | history
testdata/autotrust_init_sigs.rpl diff | blob | blame | history
testdata/autotrust_init_zsk.rpl diff | blob | blame | history
testdata/black_data.rpl diff | blob | blame | history
testdata/black_prime.rpl diff | blob | blame | history
testdata/disable_edns_do.rpl diff | blob | blame | history
testdata/dns64_lookup.rpl diff | blob | blame | history
testdata/dns64_prefetch_cache.rpl diff | blob | blame | history
testdata/fetch_glue.rpl diff | blob | blame | history
testdata/fetch_glue_cname.rpl diff | blob | blame | history
testdata/fwd_cached.rpl diff | blob | blame | history
testdata/fwd_compress_c00c.tdir/fwd_compress_c00c.conf diff | blob | blame | history
testdata/fwd_minimal.rpl diff | blob | blame | history
testdata/ipsecmod_bogus_ipseckey.crpl diff | blob | blame | history
testdata/ipsecmod_enabled.crpl diff | blob | blame | history
testdata/ipsecmod_ignore_bogus_ipseckey.crpl diff | blob | blame | history
testdata/ipsecmod_max_ttl.crpl diff | blob | blame | history
testdata/ipsecmod_strict.crpl diff | blob | blame | history
testdata/ipsecmod_whitelist.crpl diff | blob | blame | history
testdata/iter_class_any.rpl diff | blob | blame | history
testdata/iter_cycle_noh.rpl diff | blob | blame | history
testdata/iter_domain_sale.rpl diff | blob | blame | history
testdata/iter_domain_sale_nschange.rpl diff | blob | blame | history
testdata/iter_emptydp.rpl diff | blob | blame | history
testdata/iter_emptydp_for_glue.rpl diff | blob | blame | history
testdata/iter_fwdfirst.rpl diff | blob | blame | history
testdata/iter_fwdfirstequal.rpl diff | blob | blame | history
testdata/iter_fwdfirstequaltcp.rpl diff | blob | blame | history
testdata/iter_fwdstub.rpl diff | blob | blame | history
testdata/iter_fwdstubroot.rpl diff | blob | blame | history
testdata/iter_ghost_grandchild_delegation.rpl diff | blob | blame | history
testdata/iter_ghost_sub.rpl diff | blob | blame | history
testdata/iter_ghost_timewindow.rpl diff | blob | blame | history
testdata/iter_got6only.rpl diff | blob | blame | history
testdata/iter_hint_lame.rpl diff | blob | blame | history
testdata/iter_lame_noaa.rpl diff | blob | blame | history
testdata/iter_lame_nosoa.rpl diff | blob | blame | history
testdata/iter_mod.rpl diff | blob | blame | history
testdata/iter_ns_badip.rpl diff | blob | blame | history
testdata/iter_ns_spoof.rpl diff | blob | blame | history
testdata/iter_nxns_fallback.rpl diff | blob | blame | history
testdata/iter_pc_a.rpl diff | blob | blame | history
testdata/iter_pc_aaaa.rpl diff | blob | blame | history
testdata/iter_pcdiff.rpl diff | blob | blame | history
testdata/iter_pcdirect.rpl diff | blob | blame | history
testdata/iter_pcname.rpl diff | blob | blame | history
testdata/iter_pcnamech.rpl diff | blob | blame | history
testdata/iter_pcnamechrec.rpl diff | blob | blame | history
testdata/iter_pcnamerec.rpl diff | blob | blame | history
testdata/iter_pcttl.rpl diff | blob | blame | history
testdata/iter_prefetch.rpl diff | blob | blame | history
testdata/iter_prefetch_change.rpl diff | blob | blame | history
testdata/iter_prefetch_change2.rpl diff | blob | blame | history
testdata/iter_prefetch_childns.rpl diff | blob | blame | history
testdata/iter_prefetch_fail.rpl diff | blob | blame | history
testdata/iter_prefetch_ns.rpl diff | blob | blame | history
testdata/iter_primenoglue.rpl diff | blob | blame | history
testdata/iter_privaddr.rpl diff | blob | blame | history
testdata/iter_ranoaa_lame.rpl diff | blob | blame | history
testdata/iter_reclame_one.rpl diff | blob | blame | history
testdata/iter_reclame_two.rpl diff | blob | blame | history
testdata/iter_recurse.rpl diff | blob | blame | history
testdata/iter_resolve.rpl diff | blob | blame | history
testdata/iter_resolve_minimised.rpl diff | blob | blame | history
testdata/iter_resolve_minimised_nx.rpl diff | blob | blame | history
testdata/iter_resolve_minimised_refused.rpl diff | blob | blame | history
testdata/iter_resolve_minimised_timeout.rpl diff | blob | blame | history
testdata/iter_scrub_cname_an.rpl diff | blob | blame | history
testdata/iter_scrub_dname_insec.rpl diff | blob | blame | history
testdata/iter_scrub_dname_rev.rpl diff | blob | blame | history
testdata/iter_scrub_dname_sec.rpl diff | blob | blame | history
testdata/iter_scrub_promiscuous.rpl [new file with mode: 0644] blob
testdata/iter_scrub_rr_length.rpl diff | blob | blame | history
testdata/iter_soamin.rpl diff | blob | blame | history
testdata/iter_stub_noroot.rpl diff | blob | blame | history
testdata/iter_stubfirst.rpl diff | blob | blame | history
testdata/iter_timeout_ra_aaaa.rpl diff | blob | blame | history
testdata/iter_unverified_glue.rpl diff | blob | blame | history
testdata/rrset_rettl.rpl diff | blob | blame | history
testdata/rrset_untrusted.rpl diff | blob | blame | history
testdata/rrset_updated.rpl diff | blob | blame | history
testdata/rrset_use_cached.rpl diff | blob | blame | history
testdata/serve_expired.rpl diff | blob | blame | history
testdata/serve_expired_0ttl_nodata.rpl diff | blob | blame | history
testdata/serve_expired_0ttl_nxdomain.rpl diff | blob | blame | history
testdata/serve_expired_0ttl_servfail.rpl diff | blob | blame | history
testdata/serve_expired_cached_servfail.rpl diff | blob | blame | history
testdata/serve_expired_client_timeout.rpl diff | blob | blame | history
testdata/serve_expired_client_timeout_no_prefetch.rpl diff | blob | blame | history
testdata/serve_expired_client_timeout_servfail.rpl diff | blob | blame | history
testdata/serve_expired_client_timeout_val_insecure_delegation.rpl diff | blob | blame | history
testdata/serve_expired_reply_ttl.rpl diff | blob | blame | history
testdata/serve_expired_ttl.rpl diff | blob | blame | history
testdata/serve_expired_ttl_client_timeout.rpl diff | blob | blame | history
testdata/serve_expired_zerottl.rpl diff | blob | blame | history
testdata/serve_original_ttl.rpl diff | blob | blame | history
testdata/subnet_cached.crpl diff | blob | blame | history
testdata/subnet_cached_servfail.crpl diff | blob | blame | history
testdata/subnet_cached_size.crpl diff | blob | blame | history
testdata/subnet_global_prefetch.crpl diff | blob | blame | history
testdata/subnet_global_prefetch_always_forward.crpl diff | blob | blame | history
testdata/subnet_global_prefetch_expired.crpl diff | blob | blame | history
testdata/subnet_global_prefetch_with_client_ecs.crpl diff | blob | blame | history
testdata/subnet_max_source.crpl diff | blob | blame | history
testdata/subnet_prefetch.crpl diff | blob | blame | history
testdata/subnet_val_positive.crpl diff | blob | blame | history
testdata/subnet_val_positive_client.crpl diff | blob | blame | history
testdata/trust_cname_chain.rpl diff | blob | blame | history
testdata/ttl_max.rpl diff | blob | blame | history
testdata/ttl_min.rpl diff | blob | blame | history
testdata/val_adbit.rpl diff | blob | blame | history
testdata/val_adcopy.rpl diff | blob | blame | history
testdata/val_cnametocnamewctoposwc.rpl diff | blob | blame | history
testdata/val_ds_afterprime.rpl diff | blob | blame | history
testdata/val_faildnskey_ok.rpl diff | blob | blame | history
testdata/val_keyprefetch_verify.rpl diff | blob | blame | history
testdata/val_noadwhennodo.rpl diff | blob | blame | history
testdata/val_nsec3_b3_optout.rpl diff | blob | blame | history
testdata/val_nsec3_b3_optout_negcache.rpl diff | blob | blame | history
testdata/val_nsec3_b4_wild.rpl diff | blob | blame | history
testdata/val_nsec3_cnametocnamewctoposwc.rpl diff | blob | blame | history
testdata/val_positive.rpl diff | blob | blame | history
testdata/val_positive_wc.rpl diff | blob | blame | history
testdata/val_qds_badanc.rpl diff | blob | blame | history
testdata/val_qds_oneanc.rpl diff | blob | blame | history
testdata/val_qds_twoanc.rpl diff | blob | blame | history
testdata/val_refer_unsignadd.rpl diff | blob | blame | history
testdata/val_referd.rpl diff | blob | blame | history
testdata/val_referglue.rpl diff | blob | blame | history
testdata/val_rrsig.rpl diff | blob | blame | history
testdata/val_spurious_ns.rpl diff | blob | blame | history
testdata/val_stub_noroot.rpl diff | blob | blame | history
testdata/val_ta_algo_dnskey.rpl diff | blob | blame | history
testdata/val_ta_algo_dnskey_dp.rpl diff | blob | blame | history
testdata/val_ta_algo_missing_dp.rpl diff | blob | blame | history
testdata/val_twocname.rpl diff | blob | blame | history
testdata/val_unalgo_anchor.rpl diff | blob | blame | history
testdata/val_wild_pos.rpl diff | blob | blame | history
testdata/views.rpl diff | blob | blame | history
util/config_file.c diff | blob | blame | history
util/config_file.h diff | blob | blame | history
util/configlexer.lex diff | blob | blame | history
util/configparser.y diff | blob | blame | history
Mirror of https://github.com/NLnetLabs/unbound.git