]> git.ipfire.org Git - thirdparty/unbound.git/tag
projects / thirdparty / unbound.git / tag
? search:
summary | shortlog | log | commit | commitdiff | tree

release-1.24.1
object a33f0638e1dacf2633cf2292078a674576bca852 commit
authorYorgos Thessalonikefs <yorgos@nlnetlabs.nl>
Wed, 22 Oct 2025 09:55:40 +0000 (11:55 +0200)
Unbound 1.24.1

This security release fixes CVE-2025-11411.

Promiscuous NS RRSets that complement DNS replies in the authority
section can be used to trick resolvers to update their delegation
information for the zone.

The CVE is described here
https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt

We would like to thank Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin
Duan from Tsinghua University for discovering and responsibly disclosing
the vulnerability.

Bug Fixes:
- Fix CVE-2025-11411 (possible domain hijacking attack), reported by
  Yuxiao Wu, Yunyi Zhang, Baojun Liu and Haixin Duan from Tsinghua
  University.
-----BEGIN PGP SIGNATURE-----

iQJIBAABCgAyFiEElI60IyLF0At5NA9dz/M0TZCHpJAFAmj4qmwUHGdlb3JnZUBu
bG5ldGxhYnMubmwACgkQz/M0TZCHpJC+hA/+Ldx33799zjc9DgAQ8n8IPARfJoXi
PCSWI9RQSOmZdAtnBmwZa0lpqsNLs2ItkY4BJNPOw9cY4ThXFg+U3b4JPQUkG6pV
p4/RnBBp8T/OjrRJkuR+pHhAfxRNNbljVJ8mEbJ85qjuCUBQEWJiHsokSS7citXd
qdqmptprSCU5sW0iJXx8d/NbdJDguxKgpxUzOd8CPwxZOcOjk+OK7tG+/HZ0Yi+N
TLD0XyZ/X+xEtjt62WPb1w+VSD2H/afIAWq/uiMFeIWz1UBc0Nxgpadxi8NIkqf9
Y3dAbYCFhYz0kZfMESOQqdE6n8biDuKxKDvKiFkc3ab2C5EpOudLE4KlVwCrg5S2
TkmPzix1LmT4UHQnIPSNG9rgRrukpkH03tnvAVlA7idIYD0vbnbVclgGZd5uua5X
5W6MIat7j9SYRd7Y9azXujpoIPyFC+uZz3DPklKJTdIfoqWwgUhLXXCuvsvet89z
zI5i1Bt1b5ElU97cKnCNigGBTuU4GCqQ+tTOudsZPCD+HwHPwYpAfbQ4YjP+tRlq
XKpJpSYZSSAn7zyPF2GbVh6iUawyeRcr6vgij6IdA/QfjzUdcQ82srALdwAm1CFX
HPsd0e7iGV24YwXnpfYfcHcbZJZjGuNdsAeWB1OB1KRD/nA4WA/yRsFIVGqmzOrL
pva3+E2GSCCl93I=
=c7ky
-----END PGP SIGNATURE-----
Mirror of https://github.com/NLnetLabs/unbound.git