Advisories » MGASA-2025-0318

Updated unbound packages fix security vulnerabilities

Publication date: 04 Dec 2025
Modification date: 04 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-11411

Description

Possible domain hijacking via promiscuous records in the authority
section. (CVE-2025-11411).
Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not
complete.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34785
• https://advisories.mageia.org/MGASA-2025-0273.html
• https://www.openwall.com/lists/oss-security/2025/11/26/4
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11411

SRPMS

9/core

• unbound-1.24.2-1.mga9