USN-3673-1: Unbound vulnerability
07 June 2018
A security issue was fixed in Unbound.
- unbound - validating, recursive, caching DNS resolver
Ralph Dolmans and Karst Koymans discovered that Unbound did not properly
handle certain NSEC records. An attacker could use this to to prove the
non-existence (NXDOMAIN answer) of an existing wildcard record, or trick
Unbound into accepting a NODATA proof.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.