Release date:
2026-06-01 13:15:51 UTC
Description:
- CVE-2026-40622: clamp NS RRset TTL to the cached value in the
higher-trust branch of need_to_update_rrset() to prevent the
"ghost domain" variant where an attacker-controlled higher-trust
NS response revives a revoked delegation.
Updated packages:
-
python3-unbound-1.16.2-5.el8.tuxcare.els8.x86_64.rpm
sha:c4e3469d43dabb058431302d121a8d48ed4f66adf05486f42908af68a8b8c5e7
-
unbound-1.16.2-5.el8.tuxcare.els8.x86_64.rpm
sha:4a1952f442dbb5333c35a7a91537af8b9bd21e0105ae6d1a9b60f8d7889025c5
-
unbound-devel-1.16.2-5.el8.tuxcare.els8.i686.rpm
sha:5ba3e36ba11ef3c27e26f95109d0e3daca859b0e6e79c8ad2949cbad333a3963
-
unbound-devel-1.16.2-5.el8.tuxcare.els8.x86_64.rpm
sha:25a4a8c3f52aee723bc84bb1f3800b5bf9e0de097e6e4f84980c0f50c2d828ff
-
unbound-libs-1.16.2-5.el8.tuxcare.els8.i686.rpm
sha:234c9ce3a71d0456185b63303a7ca8a8c9509678f8f71eaa1a361186b37b2a34
-
unbound-libs-1.16.2-5.el8.tuxcare.els8.x86_64.rpm
sha:2633aabf72698d5f903028ec9cb00f07cde1165a4d7adbdeafc3ef972a1e9242
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
