Aggregator

bind9-next-9.21.17-1.fc43

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-b31c8d8e83 Packages in this update:
  • bind9-next-9.21.17-1.fc43
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind9-next-9.21.17-2.fc42

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-d8979b7a9c Packages in this update:
  • bind9-next-9.21.17-2.fc42
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind-9.18.44-1.fc44 bind-dyndb-ldap-11.11-12.fc44

Fedora Security Advisories
1 week 2 days ago
FEDORA-2026-925e7cce85 Packages in this update:
  • bind-9.18.44-1.fc44
  • bind-dyndb-ldap-11.11-12.fc44
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

USN-7975-1: pyasn1 vulnerability

Ubuntu Security Advisories
1 week 2 days ago
It was discovered that pyasn1 incorrectly handled malformed RELATIVE-OIDs with excessive continuation octets. An attacker could possibly use this issue to cause pyasn1 to consume memory, leading to a denial of service.

USN-7974-1: libxml2 vulnerabilities

Ubuntu Security Advisories
1 week 2 days ago
It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2025-8732) It was discovered that libxml2 incorrectly handled recursive include directories with the RelaxNG parser. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2026-0989) Nick Wellnhofer discovered that libxml2 incorrectly parsed catalogs with self-referencing URI delegates. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2026-0990) Nick Wellnhofer discovered that libxml2 inefficiently parsed catalogs linked with repeating nextCatalog elements. An attacker could possibly use this issue to cause libxml2 to use excessive resources, leading to a denial of service. (CVE-2026-0992)