NXNSAttack, fix included in Unbound 1.10.1


The new released Unbound 1.10.1 includes a fix for NXNSAttack (CVE-2020-12662).

Article on a German IT site about NXNSAttack.


Any ideas on how to update to this version of Unbound with a Buster installation?

There is only one solution: remove the one installed via the repository of your OS and compile it yourself. That's the way I use Unbound for a long time.

Understood. Yeah, I see Buster ships with version 1.9 of Unbound, and they most likely won’t be updating that anytime soon. I’ll use some Google-Fu and look into compiling the latest version. Never done that before and sounds like it might be out of my skill-set, but I’ll look into it. Thanks.

As it is a security fix, there is a chance that it will be merged in Unbound 1.9.0 of Debian Stable and offered as update.

Send me a PM if you need some help or the needed steps.

1 Like

Thanks!! I sent you a PM.

Would it be allowed to post that here? I'm also interested (currently running Unbound 1.10.0 out of the Raspbian Bullseye set of packages)

As it has nothing to do with Pi-hole I don't post it here, and I don't want a "how to compile Unbound" thread.

@staff, please set this FYI-thread to closed.