openSUSE Security Update: Security update for coredns Announcement ID: openSUSE-SU-2025:0131-1 Rating: moderate References: #1239294 #1239728 Cross-References: CVE-2024-51744 CVSS scores: CVE-2024-51744 (SUSE): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP6 An update that solves one vulnerability and has one errata is now available. Description: This update for coredns fixes the following issues: Update to version 1.12.1: core: Increase CNAME lookup limit from 7 to 10 (#7153) plugin/kubernetes: Fix handling of pods having DeletionTimestamp set plugin/kubernetes: Revert "only create PTR records for endpoints with hostname defined" plugin/forward: added option failfast_all_unhealthy_upstreams to return servfail if all upstreams are down bump dependencies, fixing boo#1239294 and boo#1239728 Update to version 1.12.0: New multisocket plugin – allows CoreDNS to listen on multiple sockets bump deps Update to version 1.11.4: forward plugin: new option next, to try alternate upstreams when receiving specified response codes upstreams on (functions like the external plugin alternate) dnssec plugin: new option to load keys from AWS Secrets Manager rewrite plugin: new option to revert EDNS0 option rewrites in responses Update to version 1.11.3+git129.387f34d: fix CVE-2024-51744 (bsc#1232991) build(deps):…Read More