Oval Definition:oval:org.mitre.oval:def:13307
Revision Date:2014-06-23Version:20
Title:DSA-1963-1 unbound -- cryptographic implementation error
Description:It was discovered that Unbound, a DNS resolver, does not properly check cryptographic signatures on NSEC3 records. As a result, zones signed with the NSEC3 variant of DNSSEC lose their cryptographic protection. The old stable distribution does not contain an unbound package. For the stable distribution, this problem has been fixed in version 1.0.2-1+lenny1. For the unstable distribution and the testing distribution, this problem has been fixed in version 1.3.4-1. We recommend that you upgrade your unbound package.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3602
DSA-1963-1
Platform(s):Debian GNU/Linux 5.0
Product(s):unbound
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • unbound DPKG is earlier than 1.0.2-1+lenny1
  • OR libunbound0 DPKG is earlier than 1.0.2-1+lenny1
  • OR libunbound-dev DPKG is earlier than 1.0.2-1+lenny1
  • OR unbound-host DPKG is earlier than 1.0.2-1+lenny1
    • BACK