!88 fix CVE-2024-1488

From: @eaglegai 
Reviewed-by: @gebidelidaye 
Signed-off-by: @gebidelidaye

unbound.conf

@@ -1086,7 +1086,7 @@ remote-control:
 	# Enable remote control with unbound-control(8) here.
 	# set up the keys and certificates with unbound-control-setup.
 	# Note: required for unbound-munin package
-	control-enable: yes
+	control-enable: no
 
 	# Set to no and use an absolute path as control-interface to use
 	# a unix local named pipe for unbound-control.
@@ -1102,10 +1102,6 @@ remote-control:
 	# port number for remote control operations.
 	# control-port: 8953
 
-	# for localhost, you can disable use of TLS by setting this to "no"
-	# For local sockets this option is ignored, and TLS is not used.
-	control-use-cert: "no"
-
 	# Unbound server key file.
 	server-key-file: "/etc/unbound/unbound_server.key"
 

unbound.spec

@@ -2,7 +2,7 @@
 
 Name:          unbound
 Version:       1.17.1
-Release:       2
+Release:       3
 Summary:       Unbound is a validating, recursive, caching DNS resolver
 License:       BSD-3-Clause
 Url:           https://nlnetlabs.nl/projects/unbound/about/
@@ -235,6 +235,12 @@ popd
 %{_mandir}/man*
 
 %changelog
+* Tue Feb 27 2024 gaihuiying <eaglegai@163.com> - 1.17.1-3
+- Type:cves
+- CVE:CVE-2024-1488
+- SUG:NA
+- DESC:fix CVE-2024-1488
+
 * Fri Feb 23 2024 gaihuiying <eaglegai@163.com> - 1.17.1-2
 - Type:bugfix
 - CVE:NA