Stay Connected:

ELSA-2025-19950

ELSA-2025-19950 - bind9.18 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2025-11-10

Description


[32:9.18.29-4.2]
- Fix upstream reported regression in recent CVE fix (CVE-2025-8677)
- Add upstream created test to this regression

[32:9.18.29-4.1]
- Refuse malformed DNSKEY records (CVE-2025-8677)
- Address various spoofing attacks (CVE-2025-40778)
- Prevent cache poisoning due to weak PRNG (CVE-2025-40780)


Related CVEs


CVE-2025-8677
CVE-2025-40780
CVE-2025-40778

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) bind9.18-9.18.29-4.el9_6.2.src.rpmddabdca9ae5ac4b4602b916a1c9b5b0de81f4c66fcc853f4946fad435478e7c0-ol9_aarch64_appstream
bind9.18-9.18.29-4.el9_6.2.src.rpmddabdca9ae5ac4b4602b916a1c9b5b0de81f4c66fcc853f4946fad435478e7c0-ol9_aarch64_codeready_builder
bind9.18-9.18.29-4.el9_6.2.aarch64.rpm7dac30dec701cca488cabf9bba69440954a89ea4102dcbbbeeac5b691780ee74-ol9_aarch64_appstream
bind9.18-chroot-9.18.29-4.el9_6.2.aarch64.rpm7a055fbae715fc1795f4c53b4197b269e707ad7fbe4c3e58172f2dcc9e69ef46-ol9_aarch64_appstream
bind9.18-devel-9.18.29-4.el9_6.2.aarch64.rpma7953689a05856a4b65363b59e2095abc31d916e02d72f2f8c1eb26da1565fb2-ol9_aarch64_codeready_builder
bind9.18-dnssec-utils-9.18.29-4.el9_6.2.aarch64.rpmddab110ed3d4409c3f01f1244b7fc5e574144aab89fc2ee121a2e34b72b2991b-ol9_aarch64_appstream
bind9.18-doc-9.18.29-4.el9_6.2.noarch.rpm5aa8b09c0c72f3ca0701350742b5bd4094606da34698a8ff188fada038711cb9-ol9_aarch64_codeready_builder
bind9.18-libs-9.18.29-4.el9_6.2.aarch64.rpm0dfd740db49332dbe909cdb78ca14ce44716b6d80309fc15795faee573464739-ol9_aarch64_appstream
bind9.18-utils-9.18.29-4.el9_6.2.aarch64.rpm2a0e480ee7ec3d4d5210d988abca2d87f9b22ec1df51dd14314e20beb34be111-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) bind9.18-9.18.29-4.el9_6.2.src.rpmddabdca9ae5ac4b4602b916a1c9b5b0de81f4c66fcc853f4946fad435478e7c0-ol9_x86_64_appstream
bind9.18-9.18.29-4.el9_6.2.src.rpmddabdca9ae5ac4b4602b916a1c9b5b0de81f4c66fcc853f4946fad435478e7c0-ol9_x86_64_codeready_builder
bind9.18-9.18.29-4.el9_6.2.x86_64.rpm71e7735aa3f12d7332aa9328a411bce21d8b84f066cf7cd5cc21a99f557c9a66-ol9_x86_64_appstream
bind9.18-chroot-9.18.29-4.el9_6.2.x86_64.rpm7eda7a614e0862e2d1762f96a962a3cb69b53f8f66a882ddcc1df1551cf3bf36-ol9_x86_64_appstream
bind9.18-devel-9.18.29-4.el9_6.2.i686.rpm74936cc0b87def2259960c34f093e4ba15d90f3eeca23038f597c855680f759c-ol9_x86_64_codeready_builder
bind9.18-devel-9.18.29-4.el9_6.2.x86_64.rpm18ede241c420e891be57d55194a5777d96f413f2cc4cd7a0fc7f99344d148010-ol9_x86_64_codeready_builder
bind9.18-dnssec-utils-9.18.29-4.el9_6.2.x86_64.rpm36440970a2cbdca8576b66b0eb83bc9ec43c09a20dcbb585216442624d51b708-ol9_x86_64_appstream
bind9.18-doc-9.18.29-4.el9_6.2.noarch.rpm5aa8b09c0c72f3ca0701350742b5bd4094606da34698a8ff188fada038711cb9-ol9_x86_64_codeready_builder
bind9.18-libs-9.18.29-4.el9_6.2.i686.rpm2887654802581cd53324ab24a1e4e6298b35a02a7d131a8fca9dc440b809c4b7-ol9_x86_64_codeready_builder
bind9.18-libs-9.18.29-4.el9_6.2.x86_64.rpm4d83d4a8277b5c73bca884cc163648d15e34319681111a5f2cd3ec4fd5766340-ol9_x86_64_appstream
bind9.18-utils-9.18.29-4.el9_6.2.x86_64.rpm10d507d1ccf2eb55950dd3c505fd75aae5af4909142221c7c0dd584cb2103b96-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights