|
|
Log in / Subscribe / Register

Ubuntu alert USN-7855-2 (unbound)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7855-2] Unbound regression


Date:
              Tue, 02 Dec 2025 14:05:52 +0000


Message-ID:
              <E1vQR0q-0005ZZ-Ac@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7855-2
December 02, 2025

unbound regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

USN-7855-1 introduced a regression in Unbound

Software Description:
- unbound: validating, recursive, caching DNS resolver

Details:

USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix
for CVE-2025-11411 was incomplete. This update fixes the problem.

Original advisory details:

 Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that
 Unbound incorrectly handled certain promiscuous NS RRSets. A remote
 attacker could possibly use this issue to perform a domain hijack attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libunbound8                     1.22.0-2ubuntu2.2
  unbound                         1.22.0-2ubuntu2.2

Ubuntu 25.04
  libunbound8                     1.22.0-1ubuntu1.3
  unbound                         1.22.0-1ubuntu1.3

Ubuntu 24.04 LTS
  libunbound8                     1.19.2-1ubuntu3.7
  unbound                         1.19.2-1ubuntu3.7

Ubuntu 22.04 LTS
  libunbound8                     1.13.1-1ubuntu5.14
  unbound                         1.13.1-1ubuntu5.14

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7855-2
  https://ubuntu.com/security/notices/USN-7855-1
  CVE-2025-11411, https://launchpad.net/bugs/2133715

Package Information:
  https://launchpad.net/ubuntu/+source/unbound/1.22.0-2ubun...
  https://launchpad.net/ubuntu/+source/unbound/1.22.0-1ubun...
  https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubun...
  https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubun...




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmku8Y0ACgkQcpJm3tlz
hgHUdRAAwjZv7uoaHDnYyNfgWAS1t0Rahgoun1TRwmwW9LBTs8prJe7REkY3MtmP
rPJOvWxA3YJC6EyikB+wN0ikU9d5+uM+dtbu3nm2YIlslnqicWN75wwGcQtWUDY3
5oXEI7O/s1SmgXis6aonLDvOIG0arPVf2bwUwW0WerVVmwxmujX2t7nTyFnTcRCD
oY9tpWjsto0qe4jyWz2qPKvza3x2V+fw1otOB7gwf9d3voMKKunCbD5d44R6J7CT
WFFucJNoElpE5bDYOHdDeccqawt/byTgtwEaPNKGJzWdO3bMfGqmqX8B82PsXjo7
ZyTNSWckzHWVuJafh/WnjwVjk0Wtgfu/HohjxAirTHs+bfKOXXxi86idt+MGHX50
4tyCwksLZj4gcVTRERwtNHAXgtAu8itRW37ue9IrsTYDXFncuFpc7HS10sfMvVVO
eY9JtYPv3BGeXMwV/upBsvh7CTdDSQHM9h+cuDEtP1jSEXJ1EOngbWauKaTCI3wt
4CSdTPyoSt46BDOaSru2hXE3/LddnywxADXRLTh+/zRm6SmTDT02Hi2JbTnGgMPD
3Bfvr8hF2DGG0VrdyU7HAn9NqS0Bci8fKPTC84Rtw1Yej7zWte8fziqHKXI+n8GL
FESm9mojDgjASsiYpXKxZDPPd1o/zi7nv2LraVhwTmzaWJvbfUA=
=5AAY
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds