Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/unbound: security bump to version 1.21.1

Fixes the following security vulnerability:

CVE-2024-8508: A vulnerability has been discovered in Unbound when handling
replies with very large RRsets that Unbound needs to perform name
compression for.

https://nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: update pgp key id in hash file]
Signed-off-by: Julien Olivain <ju.o@free.fr>
Peter Korsgaard 5 months ago
parent
2867f4be42
commit
3f98b643fb
2 changed files with 5 additions and 5 deletions
Split View Show Diff Stats
  1. 4 4
      package/unbound/unbound.hash
  2. 1 1
      package/unbound/unbound.mk

+ 4 - 4
package/unbound/unbound.hash
View File 

@@ -1,8 +1,8 @@
 
-# From https://nlnetlabs.nl/downloads/unbound/unbound-1.21.0.tar.gz.sha256
 
+# From https://nlnetlabs.nl/downloads/unbound/unbound-1.21.1.tar.gz.sha256
 
 # After checking pgp signature from:
 
-# https://nlnetlabs.nl/downloads/unbound/unbound-1.21.0.tar.gz.asc
 
-# with key: EDFAA3F2CA4E6EB05681AF8E9F6F1C2D7E045F8D
 
-sha256  e7dca7d6b0f81bdfa6fa64ebf1053b5a999a5ae9278a87ef182425067ea14521  unbound-1.21.0.tar.gz
 
+# https://nlnetlabs.nl/downloads/unbound/unbound-1.21.1.tar.gz.asc
 
+# with key: 948EB42322C5D00B79340F5DCFF3344D9087A490
 
+sha256  3036d23c23622b36d3c87e943117bdec1ac8f819636eb978d806416b0fa9ea46  unbound-1.21.1.tar.gz
 
 
 # Locally calculated
 
 sha256  8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE

+ 1 - 1
package/unbound/unbound.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-UNBOUND_VERSION = 1.21.0
 
+UNBOUND_VERSION = 1.21.1
 
 UNBOUND_SITE = https://nlnetlabs.nl/downloads/unbound
 
 UNBOUND_INSTALL_STAGING = YES
 
 UNBOUND_DEPENDENCIES = host-pkgconf expat libevent openssl