fix unbound CVE (#4002)

Co-authored-by: Henry Li <lihl@microsoft.com>
2022-10-12 15:27:06 -07:00 · 2022-10-12 15:27:06 -07:00 · e37c7d8dee
--- a/SPECS/unbound/unbound.signatures.json
+++ b/SPECS/unbound/unbound.signatures.json
@ -1,6 +1,6 @@
 {
 "Signatures": {
-  "unbound-release-1.16.2.tar.gz": "2f5582af085eb461286761920547ade76f0bdf73d17b7a519c0b64ca948b356c",
+  "unbound-release-1.16.3.tar.gz": "df6359aadca02148f3ad0cc08edc7bdd031fb1dec73f0c51ed82bfec502bcb56",
  "unbound.service": "563389e2bf92e13541d68c7bcac6bc6635931aa86509d45393864d24aacc7147"
 }
 }
--- a/SPECS/unbound/unbound.spec
+++ b/SPECS/unbound/unbound.spec
@ -1,6 +1,6 @@
 Summary:        unbound dns server
 Name:           unbound
-Version:        1.16.2
+Version:        1.16.3
 Release:        1%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
@ -96,6 +96,9 @@ useradd -r -g unbound -d %{_sysconfdir}/unbound -s /sbin/nologin \
 %{_mandir}/*

 %changelog
+* Wed Oct 12 2022 Henry Li <lihl@microsoft.com> - 1.16.3-1
+- Upgrade to version 1.16.3 to resolve CVE-2022-3204
+
 * Tue Aug 16 2022 Muhammad Falak <mwani@microsoft.com> - 1.16.2-1
 - Bump version to address CVE-2022-30698

--- a/cgmanifest.json
+++ b/cgmanifest.json
@ -26437,8 +26437,8 @@
        "type": "other",
        "other": {
          "name": "unbound",
-          "version": "1.16.2",
-          "downloadUrl": "https://github.com/NLnetLabs/unbound/archive/release-1.16.2.tar.gz"
+          "version": "1.16.3",
+          "downloadUrl": "https://github.com/NLnetLabs/unbound/archive/release-1.16.3.tar.gz"
        }
      }
    },