head     1.1;
branch   1.1.1;
access   ;
symbols  unbound-1-25-1:1.1.1.1 NLNETLABS:1.1.1;
locks    ; strict;
comment  @# @;


1.1
date     2026.05.21.16.11.47;  author christos;  state Exp;
branches 1.1.1.1;
next     ;
commitid        KUtmCKdRNks7oHGG;

1.1.1.1
date     2026.05.21.16.11.47;  author christos;  state Exp;
branches ;
next     ;
commitid        KUtmCKdRNks7oHGG;


desc
@@



1.1
log
@Initial revision
@
text
@BaseName: tls_reuse_auth
Version: 1.0
Description: Test tls stream reuse with tls auth name.
CreationDate: Thu Apr 02 11:11:00 CEST 2026
Maintainer: Wouter Wijngaards
Category: 
Component:
CmdDepends: 
Depends: 
Help:
Pre: tls_reuse_auth.pre
Post: tls_reuse_auth.post
Test: tls_reuse_auth.test
AuxFiles: 
Passed:
Failure:
@


1.1.1.1
log
@Import unbound 1.25.1 (previous was 1.24.2)

Bug Fixes

Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation.
Thanks to Qifan Zhang, Palo Alto Networks, for the report.

Fix CVE-2026-42944, Heap overflow and crash with multiple nsid, cookie,
padding EDNS options. Thanks to Qifan Zhang, Palo Alto Networks, for the
report.

Fix CVE-2026-42959, Crash during DNSSEC validation of malicious content. Thanks
to Qifan Zhang, Palo Alto Networks, for the report.

Fix CVE-2026-32792, Packet of death with DNSCrypt. Thanks to Andrew Griffiths
from 'calif.io' for the report.

Fix CVE-2026-40622, "Ghost domain name" variant. Thanks to Qifan Zhang, Palo
Alto Networks, for the report.

Fix CVE-2026-41292, Parsing a long list of incoming EDNS options degrades
performance. Thanks to GitHub user 'N0zoM1z0', also Qifan Zhang from Palo Alto
Networks, for the report.

Fix CVE-2026-42534, Jostle logic bypass degrades resolution performance. Thanks
to Qifan Zhang, Palo Alto Networks, for the report.

Fix CVE-2026-42923, Degradation of service with unbounded NSEC3 hash
calculations. Thanks to Qifan Zhang, Palo Alto Networks, for the report.

Fix CVE-2026-42960, Possible cache poisoning attack while following
delegation. Thanks to TaoFei Guo from Peking University, Yang Luo and JianJun
Chen, Tsinghua University, for the report.

Fix CVE-2026-44390, Unbounded name compression in certain cases causes
degradation of service. Thanks to Qifan Zhang, Palo Alto Networks, for the
report.

Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks to Qifan
Zhang, Palo Alto Networks, for the report.

For changes to older versions see:

https://nlnetlabs.nl/projects/unbound/download/#unbound-1-25-1
@
text
@@