Name: bind-chroot	Distribution: CentOS
Version: 9.16.23	Vendor: CentOS
Release: 43.el9	Build date: Fri Apr 17 13:00:26 2026
Group: Unspecified	Build host: ppc64le-01.stream.rdu2.redhat.com
Size: 6674	Source RPM: bind-9.16.23-43.el9.src.rpm
Packager: builder@centos.org
Url: https://www.isc.org/downloads/bind/
Summary: A chroot runtime environment for the ISC BIND DNS server, named(8)

This package contains a tree of files which can be used as a
chroot(2) jail for the named(8) program from the BIND package.
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz>

Provides

Requires

License

MPLv2.0

Changelog

* Fri Mar 27 2026 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-43
  - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone
    (CVE-2026-1519)
* Thu Feb 12 2026 Fedor Vorobev <fvorobev@redhat.com> - 32:9.16.23-42
  - Backport fix of dig/nslookup hanging issue (RHEL-29712)
* Thu Jan 29 2026 Fedor Vorobev <fvorobev@redhat.com> - 32:9.16.23-41
  - Backport fix for manual DNSSEC key rollovers. (RHEL-12487)
* Wed Jan 28 2026 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-40
  - Add forgotten _libdir/named into bind-chroot tmpfiles (RHEL-135629)
* Thu Jan 22 2026 Fedor Vorobev <fvorobev@redhat.com> - 32:9.16.23-39
  - Backport fix for nameserver line processing. (RHEL-79714)
* Fri Dec 12 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-38
  - Add sysusers named user creation (RHEL-132053)
* Fri Dec 12 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-37
  - Create /var/named directories for bind-chroot (RHEL-132053)
* Wed Oct 29 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-36
  - Copy named.* files from /var/named into /usr/share/named
* Wed Oct 29 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-35
  - Prevent cache poisoning due to weak PRNG (CVE-2025-40780)
  - Replace downstream fixes with upstream changes
  - Address various spoofing attacks (CVE-2025-40778)
* Tue Sep 16 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-34
  - Fix failures in idna system test (RHEL-66172)
* Fri Sep 12 2025 Petr Menšík <<pemensik@redhat.com>> - 32:9.16.23-33
  - logrotate: skip if empty and remove old variants (RHEL-113942)
* Wed Sep 03 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-32
  - Decode IDN names on input in all situations in utilities (RHEL-66172)
* Wed Jul 09 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-31
  - Add runtime tunable limit by environment NAMED_MAXADDITIONAL (RHEL-84006)
* Fri Jun 20 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-30
  - Change additional NS to be served partially (RHEL-84006)
* Tue Jun 10 2025 Petr Menšík <pemensik@redhat.com> - 32:9.18.23-29
  - Prevent name.c:670 attributes assertion failed (RHEL-30407)
  - Add extra checks for relative names
* Sat Feb 15 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-28
  - Fix test backport changes
* Wed Feb 05 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-27
  - Limit additional section records CPU processing (CVE-2024-11187)
* Wed Feb 05 2025 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-26
  - Switch to autopatch changes applying
* Fri Sep 06 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-25
  - Bump version above RHEL 9.5
* Fri Aug 09 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-24
  - Minor fix of reclimit test backport (CVE-2024-1737)
* Wed Aug 07 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-23
  - Backport addition of max-records-per-type and max-records-per-type options
* Thu Jul 18 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-22
  - Resolve CVE-2024-1975
  - Resolve CVE-2024-1737
  - Resolve CVE-2024-4076
  - Add ability to change runtime limits for max types and records per name
* Tue Jul 09 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-21
  - Increase size of hazard pointer array (RHEL-39131)
* Tue May 28 2024 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-20
  - Ensure bind CVE fixes hits public Stream repository
* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> - 32:9.11.36-19
  - Ensure incompatible bind-dyndb-ldap is not accepted

Files

/etc/named-chroot.files
/usr/lib/systemd/system/named-chroot-setup.service
/usr/lib/systemd/system/named-chroot.service
/usr/lib/tmpfiles.d/bind-chroot.conf
/usr/libexec/setup-named-chroot.sh
/var/named/chroot
/var/named/chroot/dev
/var/named/chroot/dev/null
/var/named/chroot/dev/random
/var/named/chroot/dev/urandom
/var/named/chroot/dev/zero
/var/named/chroot/etc
/var/named/chroot/etc/crypto-policies
/var/named/chroot/etc/crypto-policies/back-ends
/var/named/chroot/etc/named
/var/named/chroot/etc/named.conf
/var/named/chroot/etc/pki
/var/named/chroot/etc/pki/dnssec-keys
/var/named/chroot/proc
/var/named/chroot/proc/sys
/var/named/chroot/proc/sys/net
/var/named/chroot/proc/sys/net/ipv4
/var/named/chroot/run
/var/named/chroot/run/named
/var/named/chroot/usr
/var/named/chroot/usr/lib64
/var/named/chroot/usr/lib64/bind
/var/named/chroot/usr/lib64/named
/var/named/chroot/usr/share/GeoIP
/var/named/chroot/usr/share/named
/var/named/chroot/var
/var/named/chroot/var/log
/var/named/chroot/var/named
/var/named/chroot/var/run
/var/named/chroot/var/tmp

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri May 8 03:14:09 2026

bind-chroot-9.16.23-43.el9 RPM for ppc64le

From CentOS Stream 9 AppStream for ppc64le

Provides

Requires

License

Changelog

Files