Unbound 1.10.1 released

Wouter Wijngaards wouter at nlnetlabs.nl
Mon May 25 11:32:01 UTC 2020 

Hi Jaco,

On 25/05/2020 13:16, Jaco Lesch via Unbound-users wrote:
> 
> On 5/19/20 10:03, Wouter Wijngaards via Unbound-users wrote:
>> Hi,
>>
>> Unbound 1.10.1 is available:
>> https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz
>> sha256 b73677c21a71cf92f15cc8cfe76a3d875e40f65b6150081c39620b286582d536
>> pgp https://nlnetlabs.nl/downloads/unbound/unbound-1.10.1.tar.gz.asc
>>
>> This release fixes CVE-2020-12662 and CVE-2020-12663.
>>
>> Bug Fixes:
>> - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
>>    query into a large number of queries directed to a target.
>> - CVE-2020-12663 Malformed answers from upstream name servers can be
>>    used to make Unbound unresponsive.
>>
>> Best regards, Wouter
>>
> 
> Got this version built on Solaris 11.4 with Studio 12.6. Still did get
> the following error when compiling:
> ----------------------------------------------------------------------------------
> 
> "smallapp/unbound-checkconf.c", line 707: identifier redeclared:
> auth_zones_delete
>         current : function() returning int
>         previous: function(pointer to struct auth_zones {struct
> _pthread_rwlock {..} lock, struct rbtree_type {..} ztree, struct
> rbtree_type {..} xtree, int have_downstream, unsigned long num_query_up,
> unsigned long num_query_down, pointer to struct rpz {..} rpz_first,
> struct _pthread_rwlock {..} rpz_lock}) returning void :
> "./services/authzone.h", line 494
> "smallapp/unbound-checkconf.c", line 708: syntax error before or at: }
> cc: acomp failed for smallapp/unbound-checkconf.c
> gmake: *** [Makefile:291: unbound-checkconf.lo] Error 1
> ----------------------------------------------------------------------------------
> 
> 
> But got it sorted out by editing line 704 in
> "smallapp/unbound-checkconf.c" changing from:
>         if(!az || !auth_zones_apply_cfg(az, cfg, 0i, &is_rpz)) {
> To:
>         if(!az || !auth_zones_apply_cfg(az, cfg, 0, &is_rpz)) {
> 
> As per version 1.10.0 previously.

Thank you for the fix!  It is already committed to the repo in commit
https://github.com/NLnetLabs/unbound/commit/cca5cfc88ff84fa8d6e5c619f3f31aa21bb33b5f

Version 1.10.0 did not have this fix, when I look in the .tar.gz.  I
guess it was fixed for you by a patch included from a package repository
or so.  The fix in the code repository is there for next releases.

Best regards, Wouter

> 
> Thanks
>

More information about the Unbound-users mailing list