Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Fedora 43: Critical Update for BIND in Dual-Signed Domains Validations

fedora
Calendar Grey November 9, 2025
Scroller Fedora
Fix for dual-signed domains verification issue in bind on Fedora 43 addresses unsupported algorithms.
Fix dual-signed domains verification, when one of algorithms is not supported.

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Update Information:

Fix dual-signed domains verification, when one of algorithms is not supported.

Change Log

* Fri Oct 31 2025 Petr Men\u0161k - 32:9.18.41-2 - Fix upstream reported regression in recent CVE fix (CVE-2025-8677) - Add upstream dnssec system test testcase for this problem

References


[ 1 ] Bug #2413070 - Regression with disabled algorithms after CVE-2025-8677 fixes https://bugzilla.redhat.com/show_bug.cgi?id=2413070

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3e245eae46' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: bind
Product: Fedora 43
Version: 9.18.41
Release: 2.fc43
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.