From 66c36ae662fde8650fb604cf49a582ced9262915 Mon Sep 17 00:00:00 2001
From: eaglegai <eaglegai@163.com>
Date: Tue, 27 Feb 2024 02:45:53 +0000
Subject: [PATCH] fix CVE-2024-1488

(cherry picked from commit 1cf5fe79d84d50636922c83d71ebb7a4195ecee3)
---
 unbound.conf | 2 +-
 unbound.spec | 8 +++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/unbound.conf b/unbound.conf
index 748a661..42e3573 100644
--- a/unbound.conf
+++ b/unbound.conf
@@ -805,7 +805,7 @@ remote-control:
 	# Enable remote control with unbound-control(8) here.
 	# set up the keys and certificates with unbound-control-setup.
 	# Note: required for unbound-munin package
-	control-enable: yes
+	control-enable: no
 
 	# Set to no and use an absolute path as control-interface to use
 	# a unix local named pipe for unbound-control.
diff --git a/unbound.spec b/unbound.spec
index 4968fba..cc11ddd 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -2,7 +2,7 @@
 
 Name:          unbound
 Version:       1.13.2
-Release:       9
+Release:       10
 Summary:       Unbound is a validating, recursive, caching DNS resolver
 License:       BSD
 Url:           https://nlnetlabs.nl/projects/unbound/about/
@@ -244,6 +244,12 @@ popd
 %{_mandir}/man*
 
 %changelog
+* Tue Feb 27 2024 gaihuiying <eaglegai@163.com> - 1.13.2-10
+- Type:cves
+- CVE:CVE-2024-1488
+- SUG:NA
+- DESC:fix CVE-2024-1488
+
 * Fri Feb 23 2024 gaihuiying <eaglegai@163.com> - 1.13.2-9
 - Type:bugfix
 - CVE:NA
-- 
Gitee