[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- Unbound v1.4.3 -- 64 bit
From:       Tomas Hoger <thoger () redhat ! com>
Date:       2010-03-16 20:08:27
Message-ID: 20100316210827.2aea6df2 () redhat ! com
[Download RAW message or body]

On Tue, 16 Mar 2010 11:56:31 -0600 Vincent Danen <vdanen@redhat.com>
wrote:

> >  Unbound upstream has released latest, v1.4.3 version:
> >  [1] http://www.unbound.net/download.html
> >
> >  addressing one denial of service issue, specific to 64 bit
> >  platforms.
> >
> >References:
> >  [2] http://bugs.gentoo.org/show_bug.cgi?id=309117
> >
> >Could you allocate CVE id for it?
> 
> Please use CVE-2010-0735 for this issue.

This just got CVE-2010-0969 from Mitre:

Unbound before 1.4.3 does not properly align structures on 64-bit
platforms, which allows remote attackers to cause a denial of service
(daemon crash) via unspecified vectors.

-- 
Tomas Hoger / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]