SUSE-CU-2025:7900-1: Security update of suse/bind

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sun Nov 2 10:15:04 UTC 2025 

SUSE Container Update Advisory: suse/bind
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:7900-1
Container Tags        : suse/bind:9 , suse/bind:9.20 , suse/bind:9.20.15 , suse/bind:9.20.15-69.18 , suse/bind:latest
Container Release     : 69.18
Severity              : important
Type                  : security
References            : 1252160 1252378 1252379 1252380 CVE-2025-40778 CVE-2025-40780
                        CVE-2025-8677 
-----------------------------------------------------------------

The container suse/bind was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3877-1
Released:    Fri Oct 31 05:29:41 2025
Summary:     Recommended update for libselinux
Type:        recommended
Severity:    important
References:  1252160
This update for libselinux fixes the following issues:

- Ship license file (bsc#1252160)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3903-1
Released:    Fri Oct 31 18:08:19 2025
Summary:     Security update for bind
Type:        security
Severity:    important
References:  1252378,1252379,1252380,CVE-2025-40778,CVE-2025-40780,CVE-2025-8677
This update for bind fixes the following issues:

Upgrade to release 9.20.15:

- CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found (bsc#1252378).
- CVE-2025-40778: Address various spoofing attacks (bsc#1252379).
- CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator (bsc#1252380).


The following package changes have been done:

- libselinux1-3.5-150600.3.3.1 updated
- bind-utils-9.20.15-150700.3.12.1 updated
- bind-9.20.15-150700.3.12.1 updated
- container:suse-sle15-15.7-8e70bb7307ca65662baab1c1e7e29f27aa66f7ac7b8ef4a5220c77620851f351-0 updated
- container:registry.suse.com-bci-bci-micro-15.7-80232da400bb9587e412e53e6101d7a650a75d1e448597ce1cef3c4fdda86e7f-0 updated

More information about the sle-container-updates mailing list