bind: bump to 9.20.15

Fixes the following security issues:

- CVE-2025-8677: DNSSEC validation fails if matching but invalid
  DNSKEY is found.
- CVE-2025-40778 Address various spoofing attacks.
- CVE-2025-40780 Cache-poisoning due to weak pseudo-random number
  generator.

The complete list of changes from version 9.20.11 is available in the
upstream changelog at
https://ftp.isc.org/isc/bind9/9.20.15/doc/arm/html/changelog.html

Signed-off-by: Noah Meyerhans <[email protected]>
(cherry picked from commit 59465b95b847c2925993b2472d08af6f7571d770)

diff --git a/net/bind/Makefile b/net/bind/Makefile
index 148c1d7e1d8db4762ac247e316ed6bcb1b07be00..e24f7f42521c98e6a64f56248caff539cb08cee4 100644 (file)
--- a/net/bind/Makefile
+++ b/net/bind/Makefile
@@ -9,7 +9,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bind
-PKG_VERSION:=9.20.11
+PKG_VERSION:=9.20.15
 PKG_RELEASE:=1
 USERID:=bind=57:bind=57
 
@@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:= \
        https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \
        https://ftp.isc.org/isc/bind9/$(PKG_VERSION)
-PKG_HASH:=4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a
+PKG_HASH:=d62b38fae48ba83fca6181112d0c71018d8b0f2ce285dc79dc6a0367722ccabb
 
 PKG_FIXUP:=autoreconf
 PKG_REMOVE_FILES:=aclocal.m4 libtool.m4