Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

Fedora 42 BIND Important Security Fix NSEC3 Issue FEDORA-2026-7f3f640fbf

fedora
Calendar Grey April 9, 2026
Dist Fedora Esm H88
Fix NSEC3 iterations in BIND 9.18.47 for Fedora 42 with important updates and security enhancements.
Update to 9.18.47 (rhbz#2440561) Security Fixes: Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Update Information:

Update to 9.18.47 (rhbz#2440561) Security Fixes: Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519) Source: https://downloads.isc.org/isc/bind9/9.18.47/doc/arm/html/notes.html#notes-for- bind-9-18-47

Change Log

* Wed Mar 25 2026 Petr Men\u0161k - 32:9.18.47-1 - Update to 9.18.47 (rhbz#2440561) * Wed Jan 28 2026 Petr Men\u0161k - 32:9.18.44-2 - Create /var/named directories for bind-chroot (RHEL-132053) - Add forgotten _libdir/named into bind-chroot tmpfiles

References


[ 1 ] Bug #2440561 - bind-9.18.47 is available https://bugzilla.redhat.com/show_bug.cgi?id=2440561

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7f3f640fbf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: bind
Product: Fedora 42
Version: 9.18.47
Release: 1.fc42
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.