Bump github.com/coredns/coredns from 1.14.0 to 1.14.2 in /dnsrocks

[dependabot]

Bumps github.com/coredns/coredns from 1.14.0 to 1.14.2.

Release notes

Sourced from github.com/coredns/coredns's releases.

v1.14.2

This release adds the new proxyproto plugin to support Proxy Protocol and preserve client IPs behind load balancers. It also includes enhancements such as improved DNS logging metadata and stronger randomness for loop detection (CVE-2026-26018), along with several bug fixes including TLS+IPv6 forwarding, improved CNAME handling and rewriting, allowing jitter disabling, prevention of an ACL bypass (CVE-2026-26017), and a Kubernetes plugin crash fix. In addition, the release updates the build to Go 1.26.1, which include security fixes addressing CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-25679, and CVE-2026-27142.

Brought to You By

Adphi Henrik Gerdes hide Kelly Kane Shiv Tyagi vflaux Ville Vesilehto yangsenzk Yong Tang YOUNEVSKY

Noteworthy Changes

• core: Reorder rewrite before acl to prevent bypass (coredns/coredns#7882)
• plugin/file: Return SOA and NS records when queried for a record CNAMEd to origin (coredns/coredns#7808)
• plugin/forward: Fix parsing error when handling TLS+IPv6 address (coredns/coredns#7848)
• plugin/log: Add metadata for response Type and Class to Log (coredns/coredns#7806)
• plugin/loop: Use crypto/rand for query name generation (coredns/coredns#7881)
• plugin/kubernetes: Fix panic on empty ListenHosts (coredns/coredns#7857)
• plugin/proxyproto: Add proxy protocol support (coredns/coredns#7738)
• plugin/reload: Allow disabling jitter with 0s (coredns/coredns#7896)
• plugin/rewrite: Fix cname target rewrite for CNAME chains (coredns/coredns#7853)

v1.14.1

This release primarily addresses security vulnerabilities affecting Go versions prior to Go 1.25.6 and Go 1.24.12 (CVE-2025-61728, CVE-2025-61726, CVE-2025-68121, CVE-2025-61731, CVE-2025-68119). It also includes performance improvements to the proxy plugin via multiplexed connections, along with various documentation updates.

Brought to You By

Alex Massy Shiv Tyagi Ville Vesilehto Yong Tang

Noteworthy Changes

... (truncated)

Commits

• dd1df4f Update release note for upcoming 1.14.2 (#7897)
• 8c271b8 Bump golang to 1.26.1 (#7902)
• 51a11b3 plugin/reload: Allow disabling jitter with 0s (#7896)
• 5d97c15 Bump version to 1.14.2 (#7895)
• ba3b6ce build(deps): bump github.com/aws/aws-sdk-go-v2/service/route53 (#7893)
• b760b24 build(deps): bump google.golang.org/api from 0.267.0 to 0.269.0 (#7890)
• a012d9e build(deps): bump github.com/aws/aws-sdk-go-v2/service/secretsmanager (#7892)
• 465d75b build(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#7885)
• 86d9bc7 build: add grpcnotrace tag to exclude x/net/trace (#7884)
• 442f106 build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#7886)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.