Gnoppix Security Updates: Critical Unbound Flaw Patched
Gnoppix 23/25 and Gnoppix 25 users must update the Unbound DNS resolver immediately. A severe vulnerability could crash the service or expose sensitive memory data.
The flaw (CVE-2026-0061) triggers during specific DNS query processing. An attacker can exploit this remotely to cause a denial of service or potentially leak information.
Critical warning: This bug impacts all currently supported Gnoppix releases.
What was vulnerable
The issue lies in Unbound’s handling of DNS responses. Malformed records can corrupt the resolver’s internal state.
Required action
- Update package to unbound version 1.22.0-1+deb12u1 (for Gnoppix 23/25).
- Reboot or restart the unbound service after installation.
Background This patch is the sole fix beyond standard upstream maintenance. Administrators on older versions should upgrade without delay. - Please update your systems.