From: Noah Meyerhans <frodo@morgul.net>
Date: Wed, 22 Oct 2025 20:29:11 +0000 (-0400)
Subject: bind: bump to 9.20.15
X-Git-Url: http://git.openwrt.org/%22https:/collectd.org//%22/%22https:/collectd.org/%22?a=commitdiff_plain;h=59465b95b847c2925993b2472d08af6f7571d770;p=feed%2Fpackages.git

bind: bump to 9.20.15

Fixes the following security issues:

- CVE-2025-8677: DNSSEC validation fails if matching but invalid
  DNSKEY is found.
- CVE-2025-40778 Address various spoofing attacks.
- CVE-2025-40780 Cache-poisoning due to weak pseudo-random number
  generator.

The complete list of changes from version 9.20.11 is available in the
upstream changelog at
https://ftp.isc.org/isc/bind9/9.20.15/doc/arm/html/changelog.html

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
---

diff --git a/net/bind/Makefile b/net/bind/Makefile
index 9c4f8c3f80..2eb7c30738 100644
--- a/net/bind/Makefile
+++ b/net/bind/Makefile
@@ -9,8 +9,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bind
-PKG_VERSION:=9.20.11
-PKG_RELEASE:=3
+PKG_VERSION:=9.20.15
+PKG_RELEASE:=1
 USERID:=bind=57:bind=57
 
 PKG_MAINTAINER:=Noah Meyerhans <frodo@morgul.net>
@@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:= \
 	https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \
 	https://ftp.isc.org/isc/bind9/$(PKG_VERSION)
-PKG_HASH:=4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a
+PKG_HASH:=d62b38fae48ba83fca6181112d0c71018d8b0f2ce285dc79dc6a0367722ccabb
 
 PKG_INSTALL:=1
 PKG_BUILD_FLAGS:=no-mips16