bind: bump to 9.20.15

Fixes the following security issues:

- CVE-2025-8677: DNSSEC validation fails if matching but invalid
  DNSKEY is found.
- CVE-2025-40778 Address various spoofing attacks.
- CVE-2025-40780 Cache-poisoning due to weak pseudo-random number
  generator.

The complete list of changes from version 9.20.11 is available in the
upstream changelog at
https://ftp.isc.org/isc/bind9/9.20.15/doc/arm/html/changelog.html

Signed-off-by: Noah Meyerhans <[email protected]>

diff --git a/net/bind/Makefile b/net/bind/Makefile
index 9c4f8c3f801316c13f349f9e5385015d47b6e62e..2eb7c30738687a55926b74c6f913cf198ed34a01 100644 (file)
--- a/net/bind/Makefile
+++ b/net/bind/Makefile
@@ -9,8 +9,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bind
-PKG_VERSION:=9.20.11
-PKG_RELEASE:=3
+PKG_VERSION:=9.20.15
+PKG_RELEASE:=1
 USERID:=bind=57:bind=57
 
 PKG_MAINTAINER:=Noah Meyerhans <[email protected]>
@@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:= \
        https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \
        https://ftp.isc.org/isc/bind9/$(PKG_VERSION)
-PKG_HASH:=4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a
+PKG_HASH:=d62b38fae48ba83fca6181112d0c71018d8b0f2ce285dc79dc6a0367722ccabb
 
 PKG_INSTALL:=1
 PKG_BUILD_FLAGS:=no-mips16