Skip to content

bind: bump to 9.18.41 #27697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 23, 2025
Merged

bind: bump to 9.18.41 #27697

merged 1 commit into from
Oct 23, 2025

Conversation

@nmeyerhans
Copy link
Contributor

@nmeyerhans nmeyerhans commented Oct 23, 2025

📦 Package Details

Maintainer: me

Description:
Addresses the following security issues:

  • CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found.
  • CVE-2025-40778: Address various spoofing attacks.
  • CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator.

Full upstream changelog at
https://ftp.isc.org/isc/bind9/9.18.41/doc/arm/html/changelog.html

🧪 Run Testing Details

  • OpenWrt Version: 23.05
  • OpenWrt Target/Subtarget: malta
  • OpenWrt Device: qemu

✅ Formalities

  • I have reviewed the CONTRIBUTING.md file for detailed contributing guidelines.

If your PR contains a patch:

  • It can be applied using git am
  • It has been refreshed to avoid offsets, fuzzes, etc., using 
    make package/<your-package>/refresh V=s
  • It is structured in a way that it is potentially upstreamable
    (e.g., subject line, commit description, etc.)
    We must try to upstream patches to reduce maintenance burden.

@nmeyerhans
bind: bump to 9.18.41
800310f 
Addresses the following security issues:
- CVE-2025-8677: DNSSEC validation fails if matching but invalid
  DNSKEY is found.
- CVE-2025-40778: Address various spoofing attacks.
- CVE-2025-40780: Cache-poisoning due to weak pseudo-random number
  generator.

Full upstream changelog at
https://ftp.isc.org/isc/bind9/9.18.41/doc/arm/html/changelog.html

Signed-off-by: Noah Meyerhans <[email protected]>
@BKPepe BKPepe added the OpenWrt 23.05 (end of support) Issue/PR on branch 23.05 label Oct 23, 2025
@nmeyerhans nmeyerhans merged commit a2d5613 into openwrt:openwrt-23.05 Oct 23, 2025
16 of 22 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

OpenWrt 23.05 (end of support) Issue/PR on branch 23.05 security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nmeyerhans @BKPepe