Skip to content

Commit 751623b

Browse files
CBL-Mariner-BotKanishk-BansalKanishk Bansaljslobodzian
authored
Merge PR "[AUTO-CHERRYPICK] Upgrade bind to 9.20.15 for CVE-2025-40778, CVE-2025-8677, CVE-2025-40780 - branch 3.0-dev" microsoft#14976
Signed-off-by: Kanishk Bansal <[email protected]> Co-authored-by: Kanishk Bansal <[email protected]> Co-authored-by: Kanishk Bansal <[email protected]> Co-authored-by: jslobodzian <[email protected]>
1 parent 775ff99 commit 751623b

File tree

4 files changed

+31
-28
lines changed

4 files changed

+31
-28
lines changed

SPECS/bind/bind.signatures.json

Lines changed: 18 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,19 @@
11
{
2-
"Signatures": {
3-
"bind-9.20.11.tar.xz": "4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a",
4-
"dlz-modules-main.tar.gz": "884bef3535317a7757ad0e3556a27e2ed1a80f5b1040bce4074780c8719667d0",
5-
"generate-rndc-key.sh": "da0964516a9abe4074e262a1d0b7f63e63b2150c4cc2dddaaca029010383c422",
6-
"named-chroot.files": "5dbc7bd2a21836fb86cb740a2d4d72eb9f2b4f341996cd0c8ae9c39e95c0d76c",
7-
"named.conf.sample": "1807f11df688de4eb8cdcc97bd1a8863d81b03b1f24af96f3639de40bc8e538a",
8-
"named.empty": "44e2cc6e10328cd3604148763458978f547ee54c3ff46468944d535644fc6da1",
9-
"named.localhost": "9a2aa18c87202a691cc641f0c7e027dff3a2bb30917990f1b04c237e667530c8",
10-
"named.logrotate": "748dd5d967d309d69b44f5451e2ce9d982af1b62448182f38ff76e83e45a4d61",
11-
"named.loopback": "58a0c65ef763372a1d85e63766194526bfe19f496a413db40d9febea777ba4c9",
12-
"named.rfc1912.zones": "61d2e64b8523e7d83c7cf9908538bf74b2f8f6993d52d7ab9c56cad25c23a92a",
13-
"named.root": "36bf9aa06206b6b82c58a55ab74920d8901938e4cf79b754b239bb0e5dc0951c",
14-
"named.root.key": "2a91cc1a1c3dd805aa149d8df6d9849d5e2ac0ad2c2ed93ddaf0234358e8c383",
15-
"named.rwtab": "6a4c84b6709211d09f2d71491d4c66d1d4c0115a9db247a5ed2a9db10e575735",
16-
"named.sysconfig": "8f8eff846667b7811358e289e9fe594de17d0e47f2b8cebf7840ad8db7f34816",
17-
"setup-named-chroot.sh": "786fbc88c7929fadf217cf2286f2eb03b6fba14843e5da40ad43c0022dd71c3a"
18-
}
19-
}
2+
"Signatures": {
3+
"dlz-modules-main.tar.gz": "884bef3535317a7757ad0e3556a27e2ed1a80f5b1040bce4074780c8719667d0",
4+
"generate-rndc-key.sh": "da0964516a9abe4074e262a1d0b7f63e63b2150c4cc2dddaaca029010383c422",
5+
"named-chroot.files": "5dbc7bd2a21836fb86cb740a2d4d72eb9f2b4f341996cd0c8ae9c39e95c0d76c",
6+
"named.conf.sample": "1807f11df688de4eb8cdcc97bd1a8863d81b03b1f24af96f3639de40bc8e538a",
7+
"named.empty": "44e2cc6e10328cd3604148763458978f547ee54c3ff46468944d535644fc6da1",
8+
"named.localhost": "9a2aa18c87202a691cc641f0c7e027dff3a2bb30917990f1b04c237e667530c8",
9+
"named.logrotate": "748dd5d967d309d69b44f5451e2ce9d982af1b62448182f38ff76e83e45a4d61",
10+
"named.loopback": "58a0c65ef763372a1d85e63766194526bfe19f496a413db40d9febea777ba4c9",
11+
"named.rfc1912.zones": "61d2e64b8523e7d83c7cf9908538bf74b2f8f6993d52d7ab9c56cad25c23a92a",
12+
"named.root": "36bf9aa06206b6b82c58a55ab74920d8901938e4cf79b754b239bb0e5dc0951c",
13+
"named.root.key": "2a91cc1a1c3dd805aa149d8df6d9849d5e2ac0ad2c2ed93ddaf0234358e8c383",
14+
"named.rwtab": "6a4c84b6709211d09f2d71491d4c66d1d4c0115a9db247a5ed2a9db10e575735",
15+
"named.sysconfig": "8f8eff846667b7811358e289e9fe594de17d0e47f2b8cebf7840ad8db7f34816",
16+
"setup-named-chroot.sh": "786fbc88c7929fadf217cf2286f2eb03b6fba14843e5da40ad43c0022dd71c3a",
17+
"bind-9.20.15.tar.xz": "d62b38fae48ba83fca6181112d0c71018d8b0f2ce285dc79dc6a0367722ccabb"
18+
}
19+
}

SPECS/bind/bind.spec

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99

1010
Summary: Domain Name System software
1111
Name: bind
12-
Version: 9.20.11
12+
Version: 9.20.15
1313
Release: 1%{?dist}
1414
License: ISC
1515
Vendor: Microsoft Corporation
@@ -536,6 +536,9 @@ fi;
536536
%{_mandir}/man1/named-nzd2nzf.1*
537537

538538
%changelog
539+
* Fri Oct 24 2025 Kanishk Bansal <[email protected]> - 9.20.15-1
540+
- Auto-upgrade to 9.20.15 - for CVE-2025-40778, CVE-2025-8677, CVE-2025-40780
541+
539542
* Fri Jul 18 2025 Kevin Lockwood <[email protected]> - 9.20.11-1
540543
- Upgrade to 9.20.11 - for CVE-2025-40777
541544

SPECS/bind/nongit-fix.patch

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,18 @@
1-
From 87098009404ea5d372be6268bd1d1ce356c1a4f5 Mon Sep 17 00:00:00 2001
2-
From: Kshitiz Godara <kgodara@microsoft.com>
3-
Date: Mon, 2 Jun 2025 16:33:19 +0000
4-
Subject: [PATCH 2/2] non-git download issue
1+
From 701de7b23826b983ba5ad674ca85e1ab607b79f6 Mon Sep 17 00:00:00 2001
2+
From: Kanishk Bansal <kanbansal@microsoft.com>
3+
Date: Fri, 24 Oct 2025 13:43:37 +0000
4+
Subject: [PATCH] nongit-fix.patch
55

66
---
77
configure.ac | 6 ++++--
88
1 file changed, 4 insertions(+), 2 deletions(-)
99

1010
diff --git a/configure.ac b/configure.ac
11-
index 9701cdb..b7c84f6 100644
11+
index a79b9d6..514587d 100644
1212
--- a/configure.ac
1313
+++ b/configure.ac
1414
@@ -19,7 +19,7 @@ m4_define([bind_VERSION_MINOR], 20)dnl
15-
m4_define([bind_VERSION_PATCH], 11)dnl
15+
m4_define([bind_VERSION_PATCH], 15)dnl
1616
m4_define([bind_VERSION_EXTRA], )dnl
1717
m4_define([bind_DESCRIPTION], [(Stable Release)])dnl
1818
-m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl
@@ -32,5 +32,5 @@ index 9701cdb..b7c84f6 100644
3232

3333
#
3434
--
35-
2.45.3
35+
2.45.4
3636

cgmanifest.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1117,8 +1117,8 @@
11171117
"type": "other",
11181118
"other": {
11191119
"name": "bind",
1120-
"version": "9.20.11",
1121-
"downloadUrl": "https://ftp.isc.org/isc/bind9/9.20.11/bind-9.20.11.tar.xz"
1120+
"version": "9.20.15",
1121+
"downloadUrl": "https://ftp.isc.org/isc/bind9/9.20.15/bind-9.20.15.tar.xz"
11221122
}
11231123
}
11241124
},

0 commit comments

Comments
 (0)