On 2024-10-07 16:03 +01, Stuart Henderson <stu@spacehopper.org> wrote:
> DNS compression has been giving gifts all over the place for years -
> in this case there's a denial-of-service vector which can be triggered
> by querying a constructed DNS record.
>
> https://nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt
>
> Diff reordered so the important bit (util/data/msgencode.c) comes
> first. If we want to commit to -stable then that's all that is needed
> (same diff works for 7.4 7.5 7.6).

Please get this in asap. OK florian

-- 
In my defence, I have been left unsupervised.