| Package | unbound1.9 |
|---|---|
| Version | 1.9.0-2+deb10u2~deb9u4 (stretch) |
| Related CVEs | CVE-2023-50387 CVE-2023-50868 |
Two vulnerabilities were discovered in unbound, a validating, recursive, caching DNS resolver. Specially crafted DNSSEC answers could lead unbound down a very CPU intensive and time costly DNSSEC (CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path, resulting in denial of service.
For Debian 9 stretch, these problems have been fixed in version 1.9.0-2+deb10u2~deb9u4.
We recommend that you upgrade your unbound1.9 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.