Date: Mon, 8 Jul 2024 18:08:16 +0000 From: "Wall, Stephen" <stephen.wall@redcom.com> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: RE: CVE 2024 1931 - unbound Message-ID: <MW4PR09MB9284B0E97E41A1B660DF2632EEDA2@MW4PR09MB9284.namprd09.prod.outlook.com> In-Reply-To: <20240703162938.7459b610@slippy> References: <MW4PR09MB92849E1CFE06CB46D2986DA9EED62@MW4PR09MB9284.namprd09.prod.outlook.com> <86jzi71tjx.fsf@ltc.des.dev> <MW4PR09MB92843F5CB46E4B10DA4F726AEEDD2@MW4PR09MB9284.namprd09.prod.outlook.com> <20240703162938.7459b610@slippy>
index | next in thread | previous in thread | raw e-mail
> > > a prerequisite for the DoS attack described in CVE-2024-1931. > Did you actually mean CVE-2024-33655 instead? I mean CVE-2024-1931, in which unbound is vulnerable to a DoS if 'ede: yes' is configured. This is fixed in unbound 1.19.2, but 14.0 uses 1.19.1.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MW4PR09MB9284B0E97E41A1B660DF2632EEDA2>