After months of fundraising, we have reached our goal to fund the Unbound DNS audit!
We would like to thank the primary supporters of this security review, Private Internet Access and Let’s Encrypt.
Unbound DNS is DNS server software that offers both DNSSEC and DNS-over-TLS (aka DoT) functionality. It is used in hundreds of other open source projects as a security anchor that prevents DNS cache poisoning. It is a crucial piece of infrastructure and a thorough security review will give us the broad assurances that the world needs to rely on Unbound.
The next steps for this project are to figure out the available dates for the team to do the security review, and make the initial payment for the work to be done. Then X41 D-Sec will carry out the audit and report their findings to the Unbound DNS security team for review and to assist with any potential fixes that are needed.
From there, patches will be created and once updates are pushed, we will proceed with releasing all of our results to the public.