http://bugzilla.opensuse.org/show_bug.cgi?id=1173619
http://bugzilla.opensuse.org/show_bug.cgi?id=1173619#c24
Wolfgang Frisch changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|IN_PROGRESS |RESOLVED
Resolution|--- |FIXED
--- Comment #24 from Wolfgang Frisch ---
While this bug has progressed at a glacial pace, the unbound package itself has
been updated regularly in Factory. The PID file vulnerability, tracked as
CVE-2020-28935, was fixed in openSUSE over two years ago:
https://build.opensuse.org/package/rdiff/openSUSE:Factory/unbound?linkrev=base&rev=48
This leaves us with hardening suggestions:
[x] Lower permissions for conf.d, keys.d and local.d
Finally accepted into Factory:
https://build.opensuse.org/request/show/1067361
[ ] Include AppArmor profile
[ ] Remove unbound-anchor
Since this bug is primarily about the already fixed vulnerability, I will
resolve it and create new ones for the remaining tasks.
--
You are receiving this mail because:
You are on the CC list for the bug.