[Medium] Upgrade bind to fix CVE-2025-40777 (microsoft#14348)

Author: kevin-b-lockwood

SPECS/bind/bind.signatures.json

@@ -1,6 +1,6 @@
 {
  "Signatures": {
-  "bind-9.20.9.tar.xz": "3d26900ed9c9a859073ffea9b97e292c1248dad18279b17b05fcb23c3091f86d",
+  "bind-9.20.11.tar.xz": "4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a",
   "dlz-modules-main.tar.gz": "884bef3535317a7757ad0e3556a27e2ed1a80f5b1040bce4074780c8719667d0",
   "generate-rndc-key.sh": "da0964516a9abe4074e262a1d0b7f63e63b2150c4cc2dddaaca029010383c422",
   "named-chroot.files": "5dbc7bd2a21836fb86cb740a2d4d72eb9f2b4f341996cd0c8ae9c39e95c0d76c",

SPECS/bind/bind.spec

@@ -9,7 +9,7 @@
 
 Summary:        Domain Name System software
 Name:           bind
-Version:        9.20.9
+Version:        9.20.11
 Release:        1%{?dist}
 License:        ISC
 Vendor:         Microsoft Corporation
@@ -536,6 +536,9 @@ fi;
 %{_mandir}/man1/named-nzd2nzf.1*
 
 %changelog
+* Fri Jul 18 2025 Kevin Lockwood <[email protected]> - 9.20.11-1
+- Upgrade to 9.20.11 - for CVE-2025-40777
+
 * Mon May 26 2025 CBL-Mariner Servicing Account <[email protected]> - 9.20.9-1
 - Auto-upgrade to 9.20.9 - for CVE-2025-40775
 

SPECS/bind/nongit-fix.patch

@@ -12,7 +12,7 @@ index 9701cdb..b7c84f6 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -19,7 +19,7 @@ m4_define([bind_VERSION_MINOR], 20)dnl
- m4_define([bind_VERSION_PATCH], 9)dnl
+ m4_define([bind_VERSION_PATCH], 11)dnl
  m4_define([bind_VERSION_EXTRA], )dnl
  m4_define([bind_DESCRIPTION], [(Stable Release)])dnl
 -m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl

cgmanifest.json

@@ -1097,8 +1097,8 @@
         "type": "other",
         "other": {
           "name": "bind",
-          "version": "9.20.9",
-          "downloadUrl": "https://ftp.isc.org/isc/bind9/9.20.9/bind-9.20.9.tar.xz"
+          "version": "9.20.11",
+          "downloadUrl": "https://ftp.isc.org/isc/bind9/9.20.11/bind-9.20.11.tar.xz"
         }
       }
     },