Your submission was sent successfully! Close

USN-5569-1: Unbound vulnerabilities

16 August 2022

Unbound could be made to cache rogue domain names.

Releases

Packages

  • unbound - validating, recursive, caching DNS resolver

Details

Xiang Li discovered that Unbound incorrectly handled delegation caching.
A remote attacker could use this issue to keep rogue domain names
resolvable long after they have been revoked.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.