[CLSA-2026:1780055430] unbound: Fix of 3 CVEs
Type: security
Severity: Important
Release date: 2026-05-29 11:50:34 UTC
Description:
- CVE-2026-42944: fix heap overflow when a query contains multiple NSID or PADDING EDNS options; only emit each option once per query via nsid_seen / padding_seen guards (COOKIE handler does not exist in 1.16.2)
- CVE-2026-41292: cap parsed incoming EDNS options at 100 per query so a flood of options cannot hold a resolver worker thread
- CVE-2026-42959: fix DNSSEC-validation crash in val_fill_reply() by using chase->ns_numrrsets instead of the wrong orig->ns_numrrsets when computing the chase rrsets offset
Updated packages:
  • python3-unbound-1.16.2-5.el8.tuxcare.els7.x86_64.rpm
    sha:e52917fb7d409d69af61e8ea522919aad46ff770b6832bfbded07f4676e4428d
  • unbound-1.16.2-5.el8.tuxcare.els7.x86_64.rpm
    sha:dd322ba74dc3d3c060dae6a9b70c7f17dfeaa58807ad37863264f1c8d1b24a38
  • unbound-devel-1.16.2-5.el8.tuxcare.els7.i686.rpm
    sha:27a813dac6e3506962f62dfec541903736f14223e085ab7b7c4091fc14c0a480
  • unbound-devel-1.16.2-5.el8.tuxcare.els7.x86_64.rpm
    sha:7cc83dcbabb9725455806e97926abe88650ff41038271595282bb2accaae3c26
  • unbound-libs-1.16.2-5.el8.tuxcare.els7.i686.rpm
    sha:bf06d8bc89a6a279e626557b53715e9be434819199091ecc1352314c7f2fb98e
  • unbound-libs-1.16.2-5.el8.tuxcare.els7.x86_64.rpm
    sha:d2be11af54c10429a1ff962737cdc26663c7825b07308ff1f131082a243a5613
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.