Red Hat Security Advisory 2020-2642-01

Red Hat Security Advisory 2020-2642-01: Posted Jun 22, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2642-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-10772; SHA-256 | af0f7cc801ee4b89133e51c786a7814022ac78d0427b2d9138d5ef7fe46f338a; Download | Favorite | View

Red Hat Security Advisory 2020-2642-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Important: unbound security update
Advisory ID:       RHSA-2020:2642-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2642
Issue date:        2020-06-22
CVE Names:         CVE-2020-10772
====================================================================
1. Summary:

An update for unbound is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The unbound packages provide a validating, recursive, and caching DNS or
DNSSEC resolver.

Security Fix(es):

* unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1846026 - CVE-2020-10772 unbound: incomplete fix for CVE-2020-12662 in RHEL7

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
unbound-1.6.6-5.el7_8.src.rpm

x86_64:
unbound-1.6.6-5.el7_8.x86_64.rpm
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-libs-1.6.6-5.el7_8.i686.rpm
unbound-libs-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-devel-1.6.6-5.el7_8.i686.rpm
unbound-devel-1.6.6-5.el7_8.x86_64.rpm
unbound-python-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
unbound-1.6.6-5.el7_8.src.rpm

x86_64:
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-libs-1.6.6-5.el7_8.i686.rpm
unbound-libs-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
unbound-1.6.6-5.el7_8.x86_64.rpm
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-devel-1.6.6-5.el7_8.i686.rpm
unbound-devel-1.6.6-5.el7_8.x86_64.rpm
unbound-python-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
unbound-1.6.6-5.el7_8.src.rpm

ppc64:
unbound-1.6.6-5.el7_8.ppc64.rpm
unbound-debuginfo-1.6.6-5.el7_8.ppc.rpm
unbound-debuginfo-1.6.6-5.el7_8.ppc64.rpm
unbound-libs-1.6.6-5.el7_8.ppc.rpm
unbound-libs-1.6.6-5.el7_8.ppc64.rpm

ppc64le:
unbound-1.6.6-5.el7_8.ppc64le.rpm
unbound-debuginfo-1.6.6-5.el7_8.ppc64le.rpm
unbound-libs-1.6.6-5.el7_8.ppc64le.rpm

s390x:
unbound-1.6.6-5.el7_8.s390x.rpm
unbound-debuginfo-1.6.6-5.el7_8.s390.rpm
unbound-debuginfo-1.6.6-5.el7_8.s390x.rpm
unbound-libs-1.6.6-5.el7_8.s390.rpm
unbound-libs-1.6.6-5.el7_8.s390x.rpm

x86_64:
unbound-1.6.6-5.el7_8.x86_64.rpm
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-libs-1.6.6-5.el7_8.i686.rpm
unbound-libs-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
unbound-debuginfo-1.6.6-5.el7_8.ppc.rpm
unbound-debuginfo-1.6.6-5.el7_8.ppc64.rpm
unbound-devel-1.6.6-5.el7_8.ppc.rpm
unbound-devel-1.6.6-5.el7_8.ppc64.rpm
unbound-python-1.6.6-5.el7_8.ppc64.rpm

ppc64le:
unbound-debuginfo-1.6.6-5.el7_8.ppc64le.rpm
unbound-devel-1.6.6-5.el7_8.ppc64le.rpm
unbound-python-1.6.6-5.el7_8.ppc64le.rpm

s390x:
unbound-debuginfo-1.6.6-5.el7_8.s390.rpm
unbound-debuginfo-1.6.6-5.el7_8.s390x.rpm
unbound-devel-1.6.6-5.el7_8.s390.rpm
unbound-devel-1.6.6-5.el7_8.s390x.rpm
unbound-python-1.6.6-5.el7_8.s390x.rpm

x86_64:
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-devel-1.6.6-5.el7_8.i686.rpm
unbound-devel-1.6.6-5.el7_8.x86_64.rpm
unbound-python-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
unbound-1.6.6-5.el7_8.src.rpm

x86_64:
unbound-1.6.6-5.el7_8.x86_64.rpm
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-libs-1.6.6-5.el7_8.i686.rpm
unbound-libs-1.6.6-5.el7_8.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
unbound-devel-1.6.6-5.el7_8.i686.rpm
unbound-devel-1.6.6-5.el7_8.x86_64.rpm
unbound-python-1.6.6-5.el7_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10772
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXvCC1tzjgjWX9erEAQgNGw/+LW4fn1czlp8hNrIYpEQ67n8JBFmEv6HB
laTUMTO5O7FT16wbkP5iluNPMCSYYBd38nwombCasKc79VEAKnDFMeO3dT6pYuWO
Kl97tz5647n5PKHOWlGyd167no5JyBZ3Kwtt5YhmFuvC2E8xaK6mxsSLt5qXCiJx
Nf6yCFvPEdfogH3FesEgWCCMpFa0QVzu4CENKgt+EmGaXxxIb6UfgzsRctlP9G8T
stqIwdDXBw8v4162RMM1IV3VpY8iaNnrnbQmta4KVDO8hcdN1MVc9T70Tnq89sti
fMS5pcLSklj5UQ5K39Xy7eSQvwpHLgoiUT1K6ZPsRn6296o50zCVNZBm4ahHizNk
XW6Veb+qapwY6dclmDGUwjuw4pzLEWRDbUEJilkZacnuSdbSMp+ba2AbrF0Ou3ca
dvstsSQws/4X5an+41+wIaaO96Uvdfv/hD9ZJOhPVfJLt0CC6l6XTIkbBkF1O+nx
ITrTzf3f9jLSw32X8IWiC7Y6z1FppcRXM2oOjXOIeXO8n8eJ12Q2FEju6uo7IprU
acVUjtqQlQyDSAa6vXhaUDCUuCUEsHgojOL6fS6x7F8HnUAiYH/e0CusxpfOfog+
nb3DJFZ9xmML8J/2op6lRETsTy4zOyw6c7Ne+fgD4Dt6YsGZenLWTIRkUFw5DHOx
z/jsPKbXu04=fZR4
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 236 files
Ubuntu 90 files
Gentoo 31 files
Debian 23 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Amit Roy 4 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,077)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,339)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,263)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,651)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

Red Hat Security Advisory 2020-2642-01

Red Hat Security Advisory 2020-2642-01

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2020-2642-01

Share This

Red Hat Security Advisory 2020-2642-01

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems