ELSA-2025-19793

ELSA-2025-19793 - bind9.16 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-11-05

Description

[32:9.16.23-0.22.4]
- Prevent cache poisoning due to weak PRNG (CVE-2025-40780)
- Address various spoofing attacks (CVE-2025-40778)
- Replace downstream fixes with upstream changes

[32:9.16.23-0.22.3]
- Update addresses of b.root-servers.net (RHEL-18449)

Related CVEs

CVE-2025-40780

CVE-2025-40778

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	bind9.16-9.16.23-0.22.el8_10.4.src.rpm	003a1a20793ce8d796e5e71027c23f1381bb0a79254e5270292bbb94c66f3ca1	-	ol8_aarch64_appstream
	bind9.16-9.16.23-0.22.el8_10.4.src.rpm	003a1a20793ce8d796e5e71027c23f1381bb0a79254e5270292bbb94c66f3ca1	-	ol8_aarch64_codeready_builder
	bind9.16-9.16.23-0.22.el8_10.4.aarch64.rpm	a075f7e4ae0563ebb09a8acac55b21d2ec3cb9cd933d8c4b99022ba1cac62af1	-	ol8_aarch64_appstream
	bind9.16-chroot-9.16.23-0.22.el8_10.4.aarch64.rpm	77dafd3a277961b3e8e978b83215c2337bc55c44d1e20ba2b1653780a3043fca	-	ol8_aarch64_appstream
	bind9.16-devel-9.16.23-0.22.el8_10.4.aarch64.rpm	e9a3deed6e39cb8135000f4fb26a31c0abe06cee2118fea9bd325875b3990eeb	-	ol8_aarch64_codeready_builder
	bind9.16-dnssec-utils-9.16.23-0.22.el8_10.4.aarch64.rpm	1d72614cc1a9a155c91434824f163bfd052a3b62728457ffe4bdcf9a2005aa17	-	ol8_aarch64_appstream
	bind9.16-doc-9.16.23-0.22.el8_10.4.noarch.rpm	b123d175203633bcd41a858539600e261b467f1e7e5b4a76bbebe58490016855	-	ol8_aarch64_codeready_builder
	bind9.16-libs-9.16.23-0.22.el8_10.4.aarch64.rpm	06b66bc9b94ce7dca00164bce3ddd78626354c21774763a1d49ba7fb8a6c7473	-	ol8_aarch64_appstream
	bind9.16-license-9.16.23-0.22.el8_10.4.noarch.rpm	6d9fc02a60bcdb07a2d57df96d4a0304a3e8061e1e0a858b3bd732f82665662f	-	ol8_aarch64_appstream
	bind9.16-utils-9.16.23-0.22.el8_10.4.aarch64.rpm	47320a271cb8ccd3bf65cad422667c715bd02ce8a70a76c87920d7cc41b6ddc0	-	ol8_aarch64_appstream
	python3-bind9.16-9.16.23-0.22.el8_10.4.noarch.rpm	a3b67eae47ed101fd7982f09690ef7001205bc55e05c0cfd3942e6896912b5c3	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	bind9.16-9.16.23-0.22.el8_10.4.src.rpm	003a1a20793ce8d796e5e71027c23f1381bb0a79254e5270292bbb94c66f3ca1	-	ol8_x86_64_appstream
	bind9.16-9.16.23-0.22.el8_10.4.src.rpm	003a1a20793ce8d796e5e71027c23f1381bb0a79254e5270292bbb94c66f3ca1	-	ol8_x86_64_codeready_builder
	bind9.16-9.16.23-0.22.el8_10.4.x86_64.rpm	7b8561fc813c59469b6c395768d67255d0d1c0f3a80d026b450fa1bfa67a3cc2	-	ol8_x86_64_appstream
	bind9.16-chroot-9.16.23-0.22.el8_10.4.x86_64.rpm	750cb63a28d3c9a778e3e79783fd0555c9c90e9c86705f1a5193f2bd576bb739	-	ol8_x86_64_appstream
	bind9.16-devel-9.16.23-0.22.el8_10.4.i686.rpm	743ace698b3082dbfa2915c35f2dd494e10efee3708e70631e6341539bd9fd61	-	ol8_x86_64_codeready_builder
	bind9.16-devel-9.16.23-0.22.el8_10.4.x86_64.rpm	571ef8732c5747f5147ba03305c347b401ee67b704b2ef366a39bf1337d6f3d0	-	ol8_x86_64_codeready_builder
	bind9.16-dnssec-utils-9.16.23-0.22.el8_10.4.x86_64.rpm	9e176d75fe01ebef82406974ef7646248ec034ad3f70bc3d6815b15eda77b4b2	-	ol8_x86_64_appstream
	bind9.16-doc-9.16.23-0.22.el8_10.4.noarch.rpm	b123d175203633bcd41a858539600e261b467f1e7e5b4a76bbebe58490016855	-	ol8_x86_64_codeready_builder
	bind9.16-libs-9.16.23-0.22.el8_10.4.i686.rpm	a520f18ce9d902a30aa11dd97176635ef526e111636016268b4088dd88e8bbb8	-	ol8_x86_64_codeready_builder
	bind9.16-libs-9.16.23-0.22.el8_10.4.x86_64.rpm	8092bdf0cd0712260e257362d9f8d6690e03b0a085b574589a5770a106d27359	-	ol8_x86_64_appstream
	bind9.16-license-9.16.23-0.22.el8_10.4.noarch.rpm	6d9fc02a60bcdb07a2d57df96d4a0304a3e8061e1e0a858b3bd732f82665662f	-	ol8_x86_64_appstream
	bind9.16-utils-9.16.23-0.22.el8_10.4.x86_64.rpm	155478af7cdcb6420e5d79635c4e0e3d8a1cabd9f46f8bad888f6fe2a509fbce	-	ol8_x86_64_appstream
	python3-bind9.16-9.16.23-0.22.el8_10.4.noarch.rpm	a3b67eae47ed101fd7982f09690ef7001205bc55e05c0cfd3942e6896912b5c3	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team