Unbound 1.10.1 released
Wouter Wijngaards
wouter at nlnetlabs.nl
Mon May 25 11:32:01 UTC 2020
Hi Jaco,
On 25/05/2020 13:16, Jaco Lesch via Unbound-users wrote:
>
> On 5/19/20 10:03, Wouter Wijngaards via Unbound-users wrote:
>> Hi,
>>
>> Unbound 1.10.1 is available:
>> https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz
>> sha256 b73677c21a71cf92f15cc8cfe76a3d875e40f65b6150081c39620b286582d536
>> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz.asc
>>
>> This release fixes CVE-2020-12662 and CVE-2020-12663.
>>
>> Bug Fixes:
>> - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
>> query into a large number of queries directed to a target.
>> - CVE-2020-12663 Malformed answers from upstream name servers can be
>> used to make Unbound unresponsive.
>>
>> Best regards, Wouter
>>
>
> Got this version built on Solaris 11.4 with Studio 12.6. Still did get
> the following error when compiling:
> ----------------------------------------------------------------------------------
>
> "smallapp/unbound-checkconf.c", line 707: identifier redeclared:
> auth_zones_delete
> current : function() returning int
> previous: function(pointer to struct auth_zones {struct
> _pthread_rwlock {..} lock, struct rbtree_type {..} ztree, struct
> rbtree_type {..} xtree, int have_downstream, unsigned long num_query_up,
> unsigned long num_query_down, pointer to struct rpz {..} rpz_first,
> struct _pthread_rwlock {..} rpz_lock}) returning void :
> "./services/authzone.h", line 494
> "smallapp/unbound-checkconf.c", line 708: syntax error before or at: }
> cc: acomp failed for smallapp/unbound-checkconf.c
> gmake: *** [Makefile:291: unbound-checkconf.lo] Error 1
> ----------------------------------------------------------------------------------
>
>
> But got it sorted out by editing line 704 in
> "smallapp/unbound-checkconf.c" changing from:
> if(!az || !auth_zones_apply_cfg(az, cfg, 0i, &is_rpz)) {
> To:
> if(!az || !auth_zones_apply_cfg(az, cfg, 0, &is_rpz)) {
>
> As per version 1.10.0 previously.
Thank you for the fix! It is already committed to the repo in commit
https://github.com/NLnetLabs/unbound/commit/cca5cfc88ff84fa8d6e5c619f3f31aa21bb33b5f
Version 1.10.0 did not have this fix, when I look in the .tar.gz. I
guess it was fixed for you by a patch included from a package repository
or so. The fix in the code repository is there for next releases.
Best regards, Wouter
>
> Thanks
>
More information about the Unbound-users
mailing list