Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

openSUSE Leap 16.0 CoreDNS Important Updates Resolution 2026-20619-1

opensuse
Calendar Grey April 24, 2026
Dist Opensuse Esm H88
An important security update for CoreDNS in openSUSE addresses multiple vulnerabilities and bug fixes for enhanced system stability.
An update that solves 7 vulnerabilities and has 2 bug fixes can now be installed.

Description

This update for coredns fixes the following issues:

Changes in coredns:

- Update to version 1.14.2:

* plugin/reload: Allow disabling jitter with 0s

* bump deps

* plugin/forward: fix parsing error when handling TLS+IPv6 address

* plugin/loop: use crypto/rand for query name generation

* plugin: reorder rewrite before acl to prevent bypass

* fix(rewrite): fix cname target rewrite for CNAME chains

* fix(kubernetes): panic on empty ListenHosts

* chore: bump minimum Go version to 1.25

* feat(proxyproto): add proxy protocol support

* refactor(cache): modernize with generics

* Add metadata for response Type and Class to Log

* docs: clarify kubernetes auth docs

* fix: return SOA and NS records when queried for a record CNAMEd to origin

- fixes bsc#1259320 CVE-2026-26017

- fixes bsc#1259319 CVE-2026-26018

- address more unstable unstable tests under aarch64 and s390x

- Update to version 1.14.1:

* This release primarily addresses security vulnerabilities...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

coredns-1.14.2-bp160.1.1

coredns-extras-1.14.2-bp160.1.1

References

* bsc#1259319

* bsc#1259320

References:

* https://www.suse.com/security/cve/CVE-2025-61726.html

* https://www.suse.com/security/cve/CVE-2025-61728.html

* https://www.suse.com/security/cve/CVE-2025-61731.html

* https://www.suse.com/security/cve/CVE-2025-68119.html

* https://www.suse.com/security/cve/CVE-2025-68121.html

* https://www.suse.com/security/cve/CVE-2026-26017.html

* https://www.suse.com/security/cve/CVE-2026-26018.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20619-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.