pool/coredns
SHA256
17
0
Fork 2
Code Issues Pull Requests Activity

Update to version 1.14.0 #1

Manually merged
pool merged 22 commits from amanzini/coredns:leap-16.0 into leap-16.0 2026-01-21 10:10:56 +01:00
Conversation 19 Commits 22 Files Changed 9 +252 -23
amanzini commented 2026-01-19 16:00:37 +01:00
Contributor
Copy Link
  • fix CVE-2025-68156 bsc#1255345
  • fix CVE-2025-68151 bsc#1256411
- fix CVE-2025-68156 bsc#1255345 - fix CVE-2025-68151 bsc#1256411
amanzini added 20 commits 2026-01-19 16:00:38 +01:00
- Update to version 1.11.3+git129.387f34d: dd0958e7ab 
* fix CVE-2024-51744 (https://bugzilla.suse.com/show_bug.cgi?id=1232991)
    build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#6955)
  * core: set cache-control max-age as integer, not float (#6764)
  * Issue-6671: Fixed the order of plugins. (#6729)
  * `root`: explicit mark `dnssec` support (#6753)
  * feat: dnssec load keys from AWS Secrets Manager (#6618)
  * fuzzing: fix broken oss-fuzz build (#6880)
  * Replace k8s.io/utils/strings/slices by Go stdlib slices (#6863)
  * Update .go-version to 1.23.2 (#6920)
  * plugin/rewrite: Add "revert" parameter for EDNS0 options (#6893)
  * Added OpenSSF Scorecard Badge (#6738)
  * fix(cwd): Restored backwards compatibility of Current Workdir (#6731)
  * fix: plugin/auto: call OnShutdown() for each zone at its own OnShutdown() (#6705)
  * feature: log queue and buffer memory size configuration (#6591)
  * plugin/bind: add zone for link-local IPv6 instead of skipping (#6547)
  * only create PTR records for endpoints with hostname defined (#6898)
  * fix: reverter should execute the reversion in reversed order (#6872)
  * plugin/etcd: fix etcd connection leakage when reload (#6646)
  * kubernetes: Add useragent (#6484)
  * Update build (#6836)
  * Update grpc library use (#6826)
  * Bump go version from 1.21.11 to 1.21.12 (#6800)
  * Upgrade antonmedv/expr to expr-lang/expr (#6814)
  * hosts: add hostsfile as label for coredns_hosts_entries (#6801)
  * fix TestCorefile1 panic for nil handling (#6802)

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=44
Accepting request 1222978 from devel:kubic f00ebb280d 
OBS-URL: https://build.opensuse.org/request/show/1222978
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=20
- Update to version 1.11.4: 871135fd2e 
* forward plugin: new option next, to try alternate upstreams when receiving
    specified response codes upstreams on (functions like the external plugin 
    alternate)
  * dnssec plugin: new option to load keys from AWS Secrets Manager
  * rewrite plugin: new option to revert EDNS0 option rewrites in responses

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=46
Accepting request 1225138 from devel:kubic 9a3651d2ae 
OBS-URL: https://build.opensuse.org/request/show/1225138
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=21
- Update to version 1.12.0: e13b18f3ef 
* New multisocket plugin - allows CoreDNS to listen on multiple sockets
  * bump deps

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=48
Accepting request 1227043 from devel:kubic 311c8f632a 
OBS-URL: https://build.opensuse.org/request/show/1227043
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=22
- Update to version 1.12.1: 0a9c791c2e 
* core: Increase CNAME lookup limit from 7 to 10 (#7153)
  * plugin/kubernetes: Fix handling of pods having DeletionTimestamp set
  * plugin/kubernetes: Revert "only create PTR records for endpoints with 
    hostname defined"
  * plugin/forward: added option failfast_all_unhealthy_upstreams to return 
    servfail if all upstreams are down
  * bump dependencies, fixing bsc#1239294 and bsc#1239728

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=50
- dropped obscpio generation from _service 291fd470ae 
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=51
Accepting request 1266201 from devel:kubic 62a1acd72a 
OBS-URL: https://build.opensuse.org/request/show/1266201
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=23
- Backported quic-go PR #5094: Fix parsing of ifindex from packets 5b3d0e3b7c 
to ensure compatibility with big-endian architectures 
   (see quic-go/quic-go#4978, coredns/coredns#6682).
-  This patch can be removed with the next quic-go release.

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=53
- Added patch fixquic-go.patch af2907dccc 
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=54
Accepting request 1274338 from devel:kubic 1a39a165a9 
OBS-URL: https://build.opensuse.org/request/show/1274338
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=24
- Update to version 1.12.4: 0027844e02 
* bump deps
  * fix(transfer): goroutine leak on axfr err (#7516)
  * plugin/etcd: fix import order for ttl test (#7515)
  * fix(grpc): check proxy list length in policies (#7512)
  * fix(https): propagate HTTP request context (#7491)
  * fix(plugin): guard nil lookups across plugins (#7494)
  * lint: add missing prealloc to backend lookup test (#7510)
  * fix(grpc): span leak on error attempt (#7487)
  * test(plugin): improve backend lookup coverage (#7496)
  * lint: enable prealloc (#7493)
  * lint: enable durationcheck (#7492)
  * Add Sophotech to adopters list (#7495)
  * plugin: Use %w to wrap user error (#7489)
  * fix(metrics): add timeouts to metrics HTTP server (#7469)
  * chore(ci): restrict token permissions (#7470)
  * chore(ci): pin workflow dependencies (#7471)
  * fix(forward): use netip package for parsing (#7472)
  * test(plugin): improve test coverage for pprof (#7473)
  * build(deps): bump github.com/go-viper/mapstructure/v2 (#7468)
  * plugin/file: fix label offset problem in ClosestEncloser (#7465)
  * feat(trace): migrate dd-trace-go v1 to v2 (#7466)
  * test(multisocket): deflake restart by using a fresh port and coordinated cleanup (#7438)
  * chore: update Go version to 1.24.6 (#7437)
  * plugin/header: Remove deprecated syntax (#7436)
  * plugin/loadbalance: support prefer option (#7433)
  * Improve caddy.GracefulServer conformance checks (#7416)

- Update to version 1.12.3:
  * chore: Minor changes to `Dockerfile` (#7428)

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=56
Accepting request 1304041 from home:amanzini:branches:devel:kubic 739b87711f 
- fix CVE-2025-58063 https://bugzilla.suse.com/show_bug.cgi?id=1249389

OBS-URL: https://build.opensuse.org/request/show/1304041
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=57
Updating link to change in openSUSE:Factory/coredns revision 25 4727abbcec 
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=9c67ded636538714e47bd9e98c919769
baserev update by copy to link target 411bcc83b6 
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=58
Accepting request 1303761 from devel:kubic d01c373a6a 
OBS-URL: https://build.opensuse.org/request/show/1303761
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=25
Accepting request 1305736 from devel:kubic e1cd86becf 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1305736
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=26
- fix CVE-2025-68156 https://bugzilla.suse.com/show_bug.cgi?id=1255345 53bac407b4 
- Update to version 1.14.0:
  * core: Fix gosec G115 integer overflow warnings
  * core: Add regex length limit
  * plugin/azure: Fix slice init length
  * plugin/errors: Add optional show_first flag to consolidate directive
  * plugin/file: Fix for misleading SOA parser warnings
  * plugin/kubernetes: Rate limits to api server
  * plugin/metrics: Implement plugin chain tracking
  * plugin/sign: Report parser err before missing SOA
  * build(deps): bump github.com/expr-lang/expr from 1.17.6 to 1.17.7
- Update to version 1.13.2:
  * core: Add basic support for DoH3
  * core: Avoid proxy unnecessary alloc in Yield
  * core: Fix usage of sync.Pool to save an alloc
  * core: Fix data race with sync.RWMutex for uniq
  * core: Prevent QUIC reload panic by lazily initializing the listener
  * core: Refactor/use reflect.TypeFor
  * plugin/auto: Limit regex length
  * plugin/cache: Remove superfluous allocations in item.toMsg
  * plugin/cache: Isolate metadata in prefetch goroutine
  * plugin/cache: Correct spelling of MaximumDefaultTTL in cache and dnsutil 
    packages
  * plugin/dnstap: Better error handling (redial & logging) when Dnstap is busy
  * plugin/file: Performance finetuning
  * plugin/forward: Disallow NOERROR in failover
  * plugin/forward: Added support for per-nameserver TLS SNI
  * plugin/forward: Prevent busy loop on connection err
  * plugin/forward: Add max connect attempts knob
  * plugin/geoip: Add ASN schema support

OBS-URL: https://build.opensuse.org/package/show/devel:kubic/coredns?expand=0&rev=60
Accepting request 1325985 from devel:kubic de93bf3dc1 
OBS-URL: https://build.opensuse.org/request/show/1325985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coredns?expand=0&rev=27
autogits_workflow_pr_bot requested review from legaldb 2026-01-19 16:01:07 +01:00
autogits_workflow_pr_bot requested review from maintenance-release-review 2026-01-19 16:01:07 +01:00
autogits_workflow_pr_bot requested review from opensuse-review 2026-01-19 16:01:08 +01:00
opensuse-review commented 2026-01-19 16:03:20 +01:00
Member
Copy Link

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @opensuse-review: approve.
To request changes on behalf of the group, create the following comment: @opensuse-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@opensuse-review: approve`. To request changes on behalf of the group, create the following comment: `@opensuse-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
maintenance-release-review commented 2026-01-19 16:10:26 +01:00
First-time contributor
Copy Link

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @maintenance-release-review: approve.
To request changes on behalf of the group, create the following comment: @maintenance-release-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@maintenance-release-review: approve`. To request changes on behalf of the group, create the following comment: `@maintenance-release-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
legaldb commented 2026-01-19 16:14:45 +01:00
Member
Copy Link

Legal reviewed as acceptable:

Accepted because previously reviewed under the same license (496556)
Legal reviewed as [acceptable](https://legaldb.suse.de/reviews/details/498533): ``` Accepted because previously reviewed under the same license (496556) ```
report.md
1.4 KiB
legaldb approved these changes 2026-01-19 16:14:45 +01:00
Dismissed
rfrohl commented 2026-01-20 15:37:57 +01:00
First-time contributor
Copy Link

@amanzini can you please change the URL to the bsc# shortform in the changes file.

@maintenance-release-review: decline

@amanzini can you please change the URL to the bsc# shortform in the changes file. @maintenance-release-review: decline
maintenance-release-review requested changes 2026-01-20 15:40:04 +01:00
Dismissed
maintenance-release-review left a comment
First-time contributor
Copy Link

rfrohl requested changes on behalf of maintenance-release-review. See #1 (comment)

rfrohl requested changes on behalf of maintenance-release-review. See https://src.opensuse.org/pool/coredns/pulls/1#issuecomment-82158
amanzini added 1 commit 2026-01-20 15:48:24 +01:00
changed bugzilla url 2d39528068
amanzini dismissed legaldb's review 2026-01-20 15:48:24 +01:00
Reason:

New commits pushed, approval review dismissed automatically according to repository settings

opensuse-review commented 2026-01-20 15:48:38 +01:00
Member
Copy Link

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @opensuse-review: approve.
To request changes on behalf of the group, create the following comment: @opensuse-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@opensuse-review: approve`. To request changes on behalf of the group, create the following comment: `@opensuse-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
autogits_workflow_pr_bot requested review from legaldb 2026-01-20 15:48:53 +01:00
autogits_workflow_pr_bot requested review from maintenance-release-review 2026-01-20 15:48:53 +01:00
maintenance-release-review commented 2026-01-20 15:50:10 +01:00
First-time contributor
Copy Link

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @maintenance-release-review: approve.
To request changes on behalf of the group, create the following comment: @maintenance-release-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@maintenance-release-review: approve`. To request changes on behalf of the group, create the following comment: `@maintenance-release-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
legaldb commented 2026-01-20 16:08:03 +01:00
Member
Copy Link

Legal reviewed as acceptable:

Accepted because previously reviewed under the same license (496556)
Legal reviewed as [acceptable](https://legaldb.suse.de/reviews/details/498785): ``` Accepted because previously reviewed under the same license (496556) ```
report.md
1.4 KiB
legaldb approved these changes 2026-01-20 16:08:04 +01:00
Dismissed
amanzini added 1 commit 2026-01-20 16:28:30 +01:00
changed bugzilla url 8273aa64e4
amanzini dismissed legaldb's review 2026-01-20 16:28:30 +01:00
Reason:

New commits pushed, approval review dismissed automatically according to repository settings

opensuse-review commented 2026-01-20 16:28:52 +01:00
Member
Copy Link

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @opensuse-review: approve.
To request changes on behalf of the group, create the following comment: @opensuse-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@opensuse-review: approve`. To request changes on behalf of the group, create the following comment: `@opensuse-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
autogits_workflow_pr_bot requested review from legaldb 2026-01-20 16:29:00 +01:00
maintenance-release-review commented 2026-01-20 16:30:31 +01:00
First-time contributor
Copy Link

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @maintenance-release-review: approve.
To request changes on behalf of the group, create the following comment: @maintenance-release-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@maintenance-release-review: approve`. To request changes on behalf of the group, create the following comment: `@maintenance-release-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
legaldb commented 2026-01-20 16:48:11 +01:00
Member
Copy Link

Legal reviewed as acceptable:

Accepted because previously reviewed under the same license (496556)
Legal reviewed as [acceptable](https://legaldb.suse.de/reviews/details/498815): ``` Accepted because previously reviewed under the same license (496556) ```
report.md
1.4 KiB
legaldb approved these changes 2026-01-20 16:48:11 +01:00
rfrohl commented 2026-01-20 18:26:56 +01:00
First-time contributor
Copy Link

@maintenance-release-review: approve

@maintenance-release-review: approve
maintenance-release-review approved these changes 2026-01-20 18:31:37 +01:00
maintenance-release-review left a comment
First-time contributor
Copy Link

rfrohl approved a review on behalf of maintenance-release-review

rfrohl approved a review on behalf of maintenance-release-review
oertel commented 2026-01-20 18:39:18 +01:00
First-time contributor
Copy Link

@opensuse-review : approve

LGTM

@opensuse-review : approve LGTM
oertel commented 2026-01-20 18:39:18 +01:00
First-time contributor
Copy Link

merge ok

merge ok
opensuse-review approved these changes 2026-01-20 18:39:43 +01:00
opensuse-review left a comment
Member
Copy Link

oertel approved a review on behalf of opensuse-review

oertel approved a review on behalf of opensuse-review
pool manually merged commit 8273aa64e4 into leap-16.0 2026-01-21 10:10:56 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
legaldb
maintenance-release-review
opensuse-review
Labels
Clear labels
legaldb
Critical Priority
Critical legaldb priority
Archived
legaldb
High Priority
2
High legaldb priority
legaldb
Normal Priority
1
Normal legaldb priority
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
adamm_super adrianSuSE autobuild-owner autobuild-review autogits_workflow_pr_bot bigironman dirkmueller eroca factory_bot gitea_test legaldb lkocman-factory maxlin_factory opensuse-review packagehub-review smithfarm
No Assignees
6 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: pool/coredns#1
Delete Branch "amanzini/coredns:leap-16.0"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?