| What | Removed | Added |
|---|---|---|
| Status | IN_PROGRESS | RESOLVED |
| Resolution | --- | FIXED |
While this bug has progressed at a glacial pace, the unbound package itself has been updated regularly in Factory. The PID file vulnerability, tracked as CVE-2020-28935, was fixed in openSUSE over two years ago: https://build.opensuse.org/package/rdiff/openSUSE:Factory/unbound?linkrev=base&rev=48 This leaves us with hardening suggestions: [x] Lower permissions for conf.d, keys.d and local.d Finally accepted into Factory: https://build.opensuse.org/request/show/1067361 [ ] Include AppArmor profile [ ] Remove unbound-anchor Since this bug is primarily about the already fixed vulnerability, I will resolve it and create new ones for the remaining tasks.