Oracle alert ELSA-2025-19950 (bind9.18)

From:
             
 
Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>
To:
             
 
el-errata@oss.oracle.com
Subject:
             
 
[El-errata] ELSA-2025-19950 Important: Oracle Linux 9 bind9.18 security update
Date:
             
 
Tue, 11 Nov 2025 10:17:32 -0800
Message-ID:
             
 
<mailman.175.1762885060.31.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-19950

http://linux.oracle.com/errata/ELSA-2025-19950.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind9.18-9.18.29-4.el9_6.2.x86_64.rpm
bind9.18-chroot-9.18.29-4.el9_6.2.x86_64.rpm
bind9.18-devel-9.18.29-4.el9_6.2.i686.rpm
bind9.18-devel-9.18.29-4.el9_6.2.x86_64.rpm
bind9.18-dnssec-utils-9.18.29-4.el9_6.2.x86_64.rpm
bind9.18-doc-9.18.29-4.el9_6.2.noarch.rpm
bind9.18-libs-9.18.29-4.el9_6.2.i686.rpm
bind9.18-libs-9.18.29-4.el9_6.2.x86_64.rpm
bind9.18-utils-9.18.29-4.el9_6.2.x86_64.rpm

aarch64:
bind9.18-9.18.29-4.el9_6.2.aarch64.rpm
bind9.18-chroot-9.18.29-4.el9_6.2.aarch64.rpm
bind9.18-devel-9.18.29-4.el9_6.2.aarch64.rpm
bind9.18-dnssec-utils-9.18.29-4.el9_6.2.aarch64.rpm
bind9.18-doc-9.18.29-4.el9_6.2.noarch.rpm
bind9.18-libs-9.18.29-4.el9_6.2.aarch64.rpm
bind9.18-utils-9.18.29-4.el9_6.2.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/bind9.18-9.18.29-...

Related CVEs:

CVE-2025-8677
CVE-2025-40778
CVE-2025-40780




Description of changes:

[32:9.18.29-4.2]
- Fix upstream reported regression in recent CVE fix (CVE-2025-8677)
- Add upstream created test to this regression

[32:9.18.29-4.1]
- Refuse malformed DNSKEY records (CVE-2025-8677)
- Address various spoofing attacks (CVE-2025-40778)
- Prevent cache poisoning due to weak PRNG (CVE-2025-40780)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata