Unbound upstream has released latest, v1.4.3 version: [1] http://www.unbound.net/download.html addressing one denial of service issue, specific to 64 bit platforms. References: [2] http://bugs.gentoo.org/show_bug.cgi?id=309117 CVE Request: [3] http://www.openwall.com/lists/oss-security/2010/03/12/3
This issue affects the versions of the unbound package, as shipped with Fedora release of 11 and 12. This issue affects the version of the unbound package, as shipped within EPEL5 repository. Please fix.
This is CVE-2010-0735
There was a race condition with CVE assignments, so this issue has been assigned CVE-2010-0969 instead (CVE-2010-0735 should not be used at all).
CVE-2010-0735 has been rejected by Mitre: Name: CVE-2010-0735 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0735 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20100226 Category: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0969. Reason: This candidate is a duplicate of CVE-2010-0969. Notes: All CVE users should reference CVE-2010-0969 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
unbound-1.4.3-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/unbound-1.4.3-1.el5
unbound-1.4.3-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.