-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 May 2026 12:05:38 +0300
Source: unbound
Binary: libunbound-dev libunbound8 libunbound8-dbgsym python3-unbound python3-unbound-dbgsym unbound unbound-anchor unbound-anchor-dbgsym unbound-dbgsym unbound-host unbound-host-dbgsym
Architecture: ppc64el
Version: 1.22.0-2+deb13u3
Distribution: trixie-security
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 libunbound-dev - static library, header files, and docs for libunbound
 libunbound8 - library implementing DNS resolution and validation
 python3-unbound - library implementing DNS resolution and validation (Python3 bindi
 unbound    - validating, recursive, caching DNS resolver
 unbound-anchor - utility to securely fetch the root DNS trust anchor
 unbound-host - reimplementation of the 'host' command
Closes: 1137187
Changes:
 unbound (1.22.0-2+deb13u3) trixie-security; urgency=medium
 .
   * May-2026 security updates in debian/patches/26-05/ subdir:
     01-Use-the-same-EDE-removal-logic-when-encoding-errors.patch
       this change was part of 1.25 release, it is a slight change in behaviour
       implemented after 1.22.0 release.  This change is not necessary for the
       security update, but it makes subsequent changes in this area to apply.
     02-CVE-2026-33278-Possible-RCU-in-DNSSEC-validation.patch
     03-CVE-2026-42944-Heap-overflow-multiple-nsid-cookie-padding.patch
     04-CVE-2026-42959-Crash-DNSSEC-validation-of-malicious-content.patch
     05-CVE-2026-32792-Packet-of-death-with-DNSCrypt.patch
     06-CVE-2026-40622-Ghost-domain-name-variant.patch
        (patch edited, expanded TTL_IS_EXPIRED() macro not present in 1.22)
     07-CVE-2026-41292-Parsing-a-long-list-of-incoming-EDNS-options.patch
     08-CVE-2026-42534-Jostle-logic-bypass-degrades-performance.patch
     09-CVE-2026-42923-Degradation-of-service-unbouded-NSEC-hash-calc.patch
     10-CVE-2026-42960-Possible-cache-poisoning-following-delegation.patch
     11-CVE-2026-44390-Unbounded-name-compression.patch
     12-CVE-2026-44608-UAF-in-RPZ-code.patch
     13-Unit-test-for-CVE-2026-33278.patch
     14-Unit-test-for-CVE-2026-42944.patch
     15-Unit-test-for-CVE-2026-42959.patch
     16-Unit-test-for-CVE-2026-40622.patch
     17-Unit-test-for-CVE-2026-42960.patch
     (Closes: #1137187)
Checksums-Sha1:
 e72747b4d8b0cf4e22b8fbd3e24002458b4ea3fc 738964 libunbound-dev_1.22.0-2+deb13u3_ppc64el.deb
 287aad4e5c5e7cf85760c3162f64f1db6df88ff1 1384336 libunbound8-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 593217efd31acbbfeeaa94935359cb9f92f1d0b3 624680 libunbound8_1.22.0-2+deb13u3_ppc64el.deb
 473504d7980c971845f0798cb735323411076624 165388 python3-unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 2156b50b809ffd7fb3ebe4437b2f31838a3a214e 221928 python3-unbound_1.22.0-2+deb13u3_ppc64el.deb
 f1de5d2219c6770e778e3c256355e65c63b69245 60720 unbound-anchor-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 441644187591232c476d5dee1cdff4f72c548e42 196492 unbound-anchor_1.22.0-2+deb13u3_ppc64el.deb
 01b928a9700ce38a7ea5e8f48bdd5c4f1023fdfe 5023476 unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 0379d99137c211cebfa7be89f5eb6703c6911fee 137288 unbound-host-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 c577ed546922552ad1bc38016aa5b70b1ed92ff9 225172 unbound-host_1.22.0-2+deb13u3_ppc64el.deb
 9e679cb6db4cbb05fa5d0e2de826352f58326a3e 10446 unbound_1.22.0-2+deb13u3_ppc64el-buildd.buildinfo
 7467523c4d5edd61fe5d0fb8f72bc75ce7aeadab 1039540 unbound_1.22.0-2+deb13u3_ppc64el.deb
Checksums-Sha256:
 64ba4076878e2c79a07b59af595bb5110b4800996eede368d1e8971d85e213e8 738964 libunbound-dev_1.22.0-2+deb13u3_ppc64el.deb
 f9c31e01c72eb33fba02db9d35093857e4c03c4057e64a42e574821d4c34c434 1384336 libunbound8-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 1968e58f2eb1d5747575c990a43a2ae77bf95b4f3fb3eeef6b746af91b778b2f 624680 libunbound8_1.22.0-2+deb13u3_ppc64el.deb
 cb62341f53aa9906160fb86efdd0e1d4b1e49a130579296a6800c94331e40520 165388 python3-unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 6ec33f9c7ba4ee08263efe7d1d1906e00d43783230c566eb0a7fd873a8279cf9 221928 python3-unbound_1.22.0-2+deb13u3_ppc64el.deb
 8a68dd2391193fb21fe8c48d731661aebccef75bd150c666e8cabcb6d3efa20b 60720 unbound-anchor-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 4b1794958342e5fa0c25dc71a9c4690561da91954fc98de6acb31d332d72be91 196492 unbound-anchor_1.22.0-2+deb13u3_ppc64el.deb
 e6c0dd64ec825dfc33c71d3220a4ffa5a66d92166c73372d19cfbe83335f5c0d 5023476 unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 9f101d048f8bb3a98be5cbd9fd65506aa573ff89d42a6497cc9e9bd46092988e 137288 unbound-host-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 a425550ddc7b377fc5b53810f2f7fb890a0b68d17ad34de51d8e2e75881290a9 225172 unbound-host_1.22.0-2+deb13u3_ppc64el.deb
 69dfacf91d4de43d5ccb86e1596a57f5dff1e19e88bbbfdef45e0af4371aca6a 10446 unbound_1.22.0-2+deb13u3_ppc64el-buildd.buildinfo
 df4bca8348dc62572806ed886e20bd44263cc4125365096eb2ae247183fb1955 1039540 unbound_1.22.0-2+deb13u3_ppc64el.deb
Files:
 ed5914df0c271b344eb433ad0ae9359c 738964 libdevel optional libunbound-dev_1.22.0-2+deb13u3_ppc64el.deb
 11b72889366c0b8dfaebf7d144ab0fb5 1384336 debug optional libunbound8-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 9bd61d0ff2d9b04df4e973c9740bbdee 624680 libs optional libunbound8_1.22.0-2+deb13u3_ppc64el.deb
 4f2b3247e0725852861ef4870faee84f 165388 debug optional python3-unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 92b62f4a8997cdca1caddca57f734b45 221928 python optional python3-unbound_1.22.0-2+deb13u3_ppc64el.deb
 86a5dd726543f690baf46366734cc255 60720 debug optional unbound-anchor-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 89c7817f14d86434574074aca5306d38 196492 net optional unbound-anchor_1.22.0-2+deb13u3_ppc64el.deb
 343567cfba3bde61cbe5808a9e81b7b1 5023476 debug optional unbound-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 ad2c73bf0841054d0f9dabd25b51512a 137288 debug optional unbound-host-dbgsym_1.22.0-2+deb13u3_ppc64el.deb
 c8b2e2f68d37b7b0a7d6ae830e834983 225172 net optional unbound-host_1.22.0-2+deb13u3_ppc64el.deb
 18dc11b5ab5fef4140387b8cbf57d90b 10446 net optional unbound_1.22.0-2+deb13u3_ppc64el-buildd.buildinfo
 5349eaf8514a1c7edfce1f21fb2de1d7 1039540 net optional unbound_1.22.0-2+deb13u3_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETLpi2USYGUNSlYhoNINNphgym2QFAmoVlrkACgkQNINNphgy
m2T5Zw/+P03EHUR81HI6hcUfSSZLvLm7PZTf0ePBNe7nlB0sNywkjW6QctEXmaYo
nZ3c45mchRPXNl5TaBsO/r5r8LZip2HnmfkwCPdpkxvhi/6VQtDhbNyWvRqDEKuL
dEAtos+J85jK+7XwfAk2fZB2h7yWxxsHJ+tMCuISDAmcVYuoRvyf2UH8sO5vaHtQ
VJDGnFpypjBiwIFd3qClCjLi1n28POOtfh1KYqaJ0dSCUv89CNYKq7VMmH+zEc7a
iliJbxosWbDVU66sxvvkjoVzabwHIuUUQGg6kyDlnHKDnz4dMfcxRIcD4aeFO6Ja
mMNxLuX9IbZLpnX00R7D4/3PWFTrJn8FCbgZG+UkpRKovEnymxXzeYtRWIkITkug
l+f8m7chzgFSy5RPKG2mefBkaX8EfzRuP5YK8KDD8BQLEM4bGM7L/w+XMJaDcA6W
ZP81j7NNMEouDpSLvOl3SRgYKov8g2KxMVgyAf5t+It3S43P2N3Od3A11q5Z2mhc
LIUDiZtvGCb00q5EAq+JsdNsfDRbmSifyuOZcLhrII6PIYwbEL4kSPwrzMOXqqK6
uVQknEJUscdUIQiVcJjjOGXKOTqxicvGy3KnWpRfX5mmmClSdvOJW+U5Tg2cTveG
7wH5SMoaW7GD9nhGNqMjB5Xmpr4ZVf0L3zCjxmNFCBSq4eje02U=
=HHSr
-----END PGP SIGNATURE-----