Explore top 10 tips to secure your open-source projects now. Read More
×
This update for coredns fixes the following issues:
Changes in coredns:
- Update to version 1.14.2:
* plugin/reload: Allow disabling jitter with 0s
* bump deps
* plugin/forward: fix parsing error when handling TLS+IPv6 address
* plugin/loop: use crypto/rand for query name generation
* plugin: reorder rewrite before acl to prevent bypass
* fix(rewrite): fix cname target rewrite for CNAME chains
* fix(kubernetes): panic on empty ListenHosts
* chore: bump minimum Go version to 1.25
* feat(proxyproto): add proxy protocol support
* refactor(cache): modernize with generics
* Add metadata for response Type and Class to Log
* docs: clarify kubernetes auth docs
* fix: return SOA and NS records when queried for a record CNAMEd to origin
- fixes bsc#1259320 CVE-2026-26017
- fixes bsc#1259319 CVE-2026-26018
- address more unstable unstable tests under aarch64 and s390x
- Update to version 1.14.1:
* This release primarily addresses security vulnerabilities...
Read the Full Advisory- openSUSE Leap 16.0:
coredns-1.14.2-bp160.1.1
coredns-extras-1.14.2-bp160.1.1
* bsc#1259319
* bsc#1259320
References:
* https://www.suse.com/security/cve/CVE-2025-61726.html
* https://www.suse.com/security/cve/CVE-2025-61728.html
* https://www.suse.com/security/cve/CVE-2025-61731.html
* https://www.suse.com/security/cve/CVE-2025-68119.html
* https://www.suse.com/security/cve/CVE-2025-68121.html
* https://www.suse.com/security/cve/CVE-2026-26017.html
* https://www.suse.com/security/cve/CVE-2026-26018.html
Get the latest Linux and open source security news straight to your inbox.