!85 [sync] PR-81: fix CVE-2023-50387 CVE-2023-50868

From: @openeuler-sync-bot Reviewed-by: @gebidelidaye Signed-off-by: @gebidelidaye
2024-02-26 07:07:46 +00:00 · 2024-02-26 07:07:46 +00:00 · af35215d9d
commit af35215d9d
parent c6e52e672b 230070f675
2 changed files with 2353 additions and 1 deletions
--- a/backport-CVE-2023-50387_CVE-2023-50868.patch
+++ b/backport-CVE-2023-50387_CVE-2023-50868.patch
--- a/unbound.spec
+++ b/unbound.spec
@ -2,7 +2,7 @@
 Name:          unbound
 Version:       1.13.2
-Release:       8
+Release:       9
 Summary:       Unbound is a validating, recursive, caching DNS resolver
 License:       BSD
 Url:           https://nlnetlabs.nl/projects/unbound/about/
@ -27,6 +27,7 @@ Patch2:        backport-CVE-2022-30698-and-CVE-2022-30699.patch
 Patch3:        backport-CVE-2022-3204.patch
 Patch4:        backport-Undefine-shift-in-sldns_str2wire_hip_buf.patch
 Patch5:        backport-Integer-overflow-in-sldns_wire2str_pkt_scan.patch
 Patch6:        backport-CVE-2023-50387_CVE-2023-50868.patch
 BuildRequires: make flex swig pkgconfig systemd
 BuildRequires: libevent-devel expat-devel openssl-devel python3-devel
@ -243,6 +244,12 @@ popd
 %{_mandir}/man*
 %changelog
 * Fri Feb 23 2024 gaihuiying <eaglegai@163.com> - 1.13.2-9
 - Type:bugfix
 - CVE:NA
 - SUG:NA
 - DESC:fix CVE-2023-50387 CVE-2023-50868
 * Fri Mar 03 2023 gaihuiying <eaglegai@163.com> - 1.13.2-8
 - Type:bugfix
 - CVE:NA