Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1922 to the following vulnerability: Name: CVE-2011-1922 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1922 Assigned: 20110509 Reference: http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt Reference: CERT-VN:VU#531342 Reference: http://www.kb.cert.org/vuls/id/531342 Reference: http://www.securityfocus.com/bid/47986 daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.
Created unbound tracking bugs for this issue Affects: fedora-all [bug 709526] Affects: epel-5 [bug 709527] Affects: epel-6 [bug 709528]
This was patched in Fedora 14 and 15 (1.4.8-2): http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060958.html and also in EPEL 5 and 6 (1.4.4-3).