openSUSE-SU-2020:0912-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0912-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0912-1
- Upstream
- Related
- Published
- 2020-06-29T18:20:25Z
- Modified
- 2025-05-07T18:10:56.334231Z
- Summary
- Security update for unbound
- Details
-
This update for unbound fixes the following issues:
- CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889).
- CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could have been used to make unbound unresponsive (bsc#1171889).
- CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed code execution after receiving a special crafted answer (bsc#1157268).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7BOBQ5VCGBBEOIK4YR7ZR7XNQZWV62CU/
- https://bugzilla.suse.com/1157268
- https://bugzilla.suse.com/1171889
- https://www.suse.com/security/cve/CVE-2019-18934
- https://www.suse.com/security/cve/CVE-2020-12662
- https://www.suse.com/security/cve/CVE-2020-12663
Affected packages
openSUSE:Leap 15.1 / libunbound-devel-mini
Package
- Name
- libunbound-devel-mini
- Purl
- pkg:rpm/opensuse/libunbound-devel-mini&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.6.8-lp151.8.3.1
Ecosystem specific
{
"binaries": [
{
"libunbound2": "1.6.8-lp151.8.3.1",
"libunbound-devel-mini": "1.6.8-lp151.8.3.1",
"unbound-devel": "1.6.8-lp151.8.3.1",
"unbound-python": "1.6.8-lp151.8.3.1",
"unbound": "1.6.8-lp151.8.3.1",
"unbound-munin": "1.6.8-lp151.8.3.1",
"unbound-anchor": "1.6.8-lp151.8.3.1"
}
]
}
openSUSE:Leap 15.1 / unbound
Package
- Name
- unbound
- Purl
- pkg:rpm/opensuse/unbound&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.6.8-lp151.8.3.1
Ecosystem specific
{
"binaries": [
{
"libunbound2": "1.6.8-lp151.8.3.1",
"libunbound-devel-mini": "1.6.8-lp151.8.3.1",
"unbound-devel": "1.6.8-lp151.8.3.1",
"unbound-python": "1.6.8-lp151.8.3.1",
"unbound": "1.6.8-lp151.8.3.1",
"unbound-munin": "1.6.8-lp151.8.3.1",
"unbound-anchor": "1.6.8-lp151.8.3.1"
}
]
}