Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted bind9 1:9.18.41-1~deb12u1 (source) into oldstable-security
Date: Thu, 23 Oct 2025 18:08:29 +0000
Signed by: Ondřej Surý <ondrej@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Oct 2025 17:38:58 +0200
Source: bind9
Architecture: source
Version: 1:9.18.41-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Changes:
 bind9 (1:9.18.41-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream version 9.18.41
    - [CVE-2025-8677]: DNSSEC validation fails if matching but invalid
      DNSKEY is found
    - [CVE-2025-40778]: Address various spoofing attacks.
    - [CVE-2025-40780]: Cache-poisoning due to weak pseudo-random number
      generator
Checksums-Sha1:
 20ef513138315d7e9dce022a764fac25570c4c42 3325 bind9_9.18.41-1~deb12u1.dsc
 c9d64e0bf440a25e40c6b16f40dc3f703fac9bf4 5427116 bind9_9.18.41.orig.tar.xz
 46d738e9ed520788ad4fc99d8c4efd19576c6e13 833 bind9_9.18.41.orig.tar.xz.asc
 33a4ae827082a61759c91a956a77b4aeebf12df4 61624 bind9_9.18.41-1~deb12u1.debian.tar.xz
 cea4f88062c2f3fc75432c4b3701e59186139791 15906 bind9_9.18.41-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 b332113d35b31104cd8c0bf1ccdd7a3a45863b5b766004fb347fe07458287b14 3325 bind9_9.18.41-1~deb12u1.dsc
 6ddc1d981511c4da0b203b0513af131e5d15e5f1c261145736fe1f35dd1fe79d 5427116 bind9_9.18.41.orig.tar.xz
 e6b623056198460bb223fe2f30957a4b601f223c4160a6a4eebd049c72a54e13 833 bind9_9.18.41.orig.tar.xz.asc
 1441761561ceb0ea6cbf2bd309d543311ecbbefd87246cc7839af9ac94a39049 61624 bind9_9.18.41-1~deb12u1.debian.tar.xz
 daa9b05a05f7ffe57d349e13a51e39daf8c15dc18ef68d39b5d22f01ec401a56 15906 bind9_9.18.41-1~deb12u1_amd64.buildinfo
Files:
 faf73e7b26fb248507f92ec4e9de980a 3325 net optional bind9_9.18.41-1~deb12u1.dsc
 f672dd79a67978fab5253201cd605247 5427116 net optional bind9_9.18.41.orig.tar.xz
 c46b78cfa523b1037c337d0a42fdcd31 833 net optional bind9_9.18.41.orig.tar.xz.asc
 9bfdaf05eb9dfd547031619552acfb9c 61624 net optional bind9_9.18.41-1~deb12u1.debian.tar.xz
 2f7d957180306ef0ee2d5263dbdf00e4 15906 net optional bind9_9.18.41-1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmj5S4lfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJNQRAAgSiJNbnLh6bqXiFA01usEKUOPfSY02HD+ypgnN2XDqZi+oC7y7EJ9xkO
uTsiFqiPP+TAh7lW3gQdo6uiNURwTxdC1iTLTArao3pIH3Csh4rrg/MWVZKEz8R9
pAnsG8ULYxQqYwPTer1rTJyHrVmEbeKaIHH40jRaLxI8NJHyEuebwSREGwOAjVo9
MYYNvwnd/jIcYBq6HI3sqTwXWgBHabUv9BJhRCoiX3+zWXJgu8OkCRS54/sqQn1m
NCq2r26fkWwhnKYIRocEEv7LBl+97tqgQNxRsCeB7RUTq+HD5amg1P69B9Z5KqGP
tOWALpuQvzd7CHjzt5hVrkFsT2uE8N/Vnzq5igZK6V6gWmtTpJAdV15qaECCY799
TKaQr0aR/UHvyqtPS4iAcgvEHR4yVYl4kZJ3k6rUNPvtvPcvOIq0cVjT4bOqdR56
P+tzRCa3zTUhpVbQJkHdn5HEHRqlUBOihu9/P2epve3nlO5UY/4JNl+jhFzgFXjh
DL1Pj3uhzeUeEL+mf7YmKrqzvoL/XqvfWwvCUfsYlCgedllyQ2H7jGKiysEeFE/Y
zKT+RnfLhrx3KhwyrsuQohngNI238yz1VxdP/Q1qMvX0CL/o9oV9Vamn+aFk48aR
TQ0MKPe9kvmjT3Evg3cUduX2TkDx1ELvTDzTwTbq9lrL7/eIa1c=
=Bew4
-----END PGP SIGNATURE-----
News for package bind9
