fix CVE-2023-50387 CVE-2023-50868

(cherry picked from commit 75ddb133697ff2dc97e2a648921d680def0ef483)
2024-02-23 06:22:18 +00:00 · 2024-02-23 06:22:18 +00:00 · 230070f675
commit 230070f675
parent c6e52e672b
2 changed files with 2353 additions and 1 deletions
--- a/backport-CVE-2023-50387_CVE-2023-50868.patch
+++ b/backport-CVE-2023-50387_CVE-2023-50868.patch
--- a/unbound.spec
+++ b/unbound.spec
@ -2,7 +2,7 @@
 Name:          unbound
 Version:       1.13.2
-Release:       8
+Release:       9
 Summary:       Unbound is a validating, recursive, caching DNS resolver
 License:       BSD
 Url:           https://nlnetlabs.nl/projects/unbound/about/
@ -27,6 +27,7 @@ Patch2:        backport-CVE-2022-30698-and-CVE-2022-30699.patch
 Patch3:        backport-CVE-2022-3204.patch
 Patch4:        backport-Undefine-shift-in-sldns_str2wire_hip_buf.patch
 Patch5:        backport-Integer-overflow-in-sldns_wire2str_pkt_scan.patch
 Patch6:        backport-CVE-2023-50387_CVE-2023-50868.patch
 BuildRequires: make flex swig pkgconfig systemd
 BuildRequires: libevent-devel expat-devel openssl-devel python3-devel
@ -243,6 +244,12 @@ popd
 %{_mandir}/man*
 %changelog
 * Fri Feb 23 2024 gaihuiying <eaglegai@163.com> - 1.13.2-9
 - Type:bugfix
 - CVE:NA
 - SUG:NA
 - DESC:fix CVE-2023-50387 CVE-2023-50868
 * Fri Mar 03 2023 gaihuiying <eaglegai@163.com> - 1.13.2-8
 - Type:bugfix
 - CVE:NA