diff --git a/bind-9.18.15.tar.xz b/bind-9.18.15.tar.xz
deleted file mode 100644
index 992b193..0000000
--- a/bind-9.18.15.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:28ae8db14862801bc2bd4fd820db00667d3f1ff9ae9cc2d06a0ef7810fed7a4e
-size 5476876
diff --git a/bind-9.18.15.tar.xz.asc b/bind-9.18.15.tar.xz.asc
deleted file mode 100644
index 162f0b5..0000000
--- a/bind-9.18.15.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEE2ZzOr4eXRwFPA41jGC4jV5Ri76oFAmRbhXIACgkQGC4jV5Ri
-76qQURAAs155a7uhHXxBmtN97KKlr+mP2ZK15wS8yRqcA0wTVCnTML4C6ah49472
-EWSqTR1tr6PtZWcoAz0bjNOU8Z4FjZpF8SgcMap7iJkh4lW7vciQAyjScTwtiuzd
-pwRI/tfR4KM8hIYQ+bbuDSuAmFjp9LxrBMWnNmqH52GbBgILZeV8bNO/Z26FvvXA
-TJ57zplbVGrLGHWlB9Xjh59qwe+PYQUq0VbfOk86nDKsr+8JlDfOxoDzqPvhWAPH
-hcqYtuoD6wFgcNuDt/OrxSNRWr/mG5AndRumx/HFg632CEW+a0thF1ma6F1r5vwD
-mbP5BFwQvGpE5KH9lDcwtOATX9e6s9AM6gys1pDeqQYGyL7kn+NT1GuEvA9uEU0e
-1gE/ZhmfcZMZAAWOB8IUl8MuugAjdXTG0dSb0JCThBgptpghdujiY6VI1ST6Vci4
-bPvgK5oNHB/+tLpkbKfS0CNHuvixMxPrIMmsS5sbRDv5QxUW3ByCHBgjvr20WiOO
-3xGMhYsrZo5kb9LxQHe+H4iWcfQuSAtERO/w8i+NgAPoqnurZ15eR5rHi4dnne2+
-Pg84ar0Bnn5OZYawrTaPcpXZUyiZdHftiX3iWPGnDBE9HWg3YKhrLFqYObGJCkSs
-NF+GlWjYj8ezBohJiqc4GePrAebjaF5me7PHCn2xBSn1Y9YV3zs=
-=3yjb
------END PGP SIGNATURE-----
diff --git a/bind-9.18.16.tar.xz b/bind-9.18.16.tar.xz
new file mode 100644
index 0000000..80feba7
--- /dev/null
+++ b/bind-9.18.16.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c88234fe07ee75c3c8a9e59152fee64b714643de8e22cf98da3db4d0b57e0775
+size 5462456
diff --git a/bind-9.18.16.tar.xz.asc b/bind-9.18.16.tar.xz.asc
new file mode 100644
index 0000000..fd5c3d8
--- /dev/null
+++ b/bind-9.18.16.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEcGtsKGIOdvkdEfffUQpkKgbFLOwFAmSITLEACgkQUQpkKgbF
+LOzz+BAAvQmGbTGgbYAgeFzI8iCLKTRrPzdtBz2KodbSSJ8Ps10LLOv9Csf4LSUb
+vrVoxj1wAMxdCOsRkeRCSkFCxRbngbDrqIX3WrPZ0+9OH1+0UXQv72B7CLMg2FhS
+fIWi+D4w2AQJ6xToHrSyKOvQUzj1ir0fpuT526BWHyfidn9j+GP7NVkztgYTDrsj
+L1gON0EgWkLoWNROEZb/pKpdio8a9SMivz2uPgvXZ92oRxRvkJjOXu9rTio+uOgS
+tN52fXUAz7hhFJFc1qJeEM5QogueN0ibbp5oZNsg6mXE30IlVxJgVEKrjHUcHiD5
+C2Wjbb0RONg8GW57+FxQ58Qkz4x2BGEx9d3OXf2w8HvVbMckw91eUo2Kg+IhXxlB
+rZjTd7Lu3I/HqUL9qbAQ+3ovkjUFwsqcnWwtJ3ALX3fgqqZbnxCJ73gottFRODgN
+vnD+YuHL1UjDjNOAP9qz+8OVso5Udm3ybnzL75vjlJTE/ZZCzJLRW1QA97OnHsPQ
+szu2ypX1zLGlcsM3MJT16VMUGizRRLwnFJLtMrphqyAG8midnN5DH89fZqH4pP4V
+/k02LEW4VXAbE1Tzq410k4Qp1MT1e5/f5TpWY1VgjbFPrs3jOAMsYzCgPUhaGb4M
+QCPgtPNaMI6V8UZaDaA7sQrKSrG6G8SNL6dcrxZ+L0jSK7BLeT4=
+=XChL
+-----END PGP SIGNATURE-----
diff --git a/bind.changes b/bind.changes
index 5df50a8..7e5d4ff 100644
--- a/bind.changes
+++ b/bind.changes
@@ -1,3 +1,43 @@
+-------------------------------------------------------------------
+Thu Jun 22 08:04:23 UTC 2023 - Jorik Cronenberg <jorik.cronenberg@suse.com>
+
+- Update to release 9.18.16
+  Security Fixes:
+  * The overmem cleaning process has been improved, to prevent the
+    cache from significantly exceeding the configured
+    max-cache-size limit. (CVE-2023-2828)
+  * A query that prioritizes stale data over lookup triggers a
+    fetch to refresh the stale data in cache. If the fetch is
+    aborted for exceeding the recursion quota, it was possible for
+    named to enter an infinite callback loop and crash due to stack
+    overflow. This has been fixed. (CVE-2023-2911)
+
+  New Features:
+  * The system test suite can now be executed with pytest (along
+    with pytest-xdist for parallel execution).
+
+  Removed Features:
+  * TKEY mode 2 (Diffie-Hellman Exchanged Keying) is now
+    deprecated, and will be removed in a future release. A warning
+    will be logged when the tkey-dhkey option is used in
+    named.conf.
+
+  Bug Fixes:
+  * BIND could get stuck on reconfiguration when a listen-on
+    statement for HTTP is removed from the configuration. That has
+    been fixed.
+  * Previously, it was possible for a delegation from cache to be
+    returned to the client after the stale-answer-client-timeout
+    duration. This has been fixed.
+  * BIND could allocate too big buffers when sending data via
+    stream-based DNS transports, leading to increased memory usage.
+    This has been fixed.
+  * When the stale-answer-enable option was enabled and the
+    stale-answer-client-timeout option was enabled and larger than
+    0, named previously allocated two slots from the
+    clients-per-query limit for each client and failed to gradually
+    auto-tune its value, as configured. This has been fixed.
+
 -------------------------------------------------------------------
 Wed May 17 09:39:55 UTC 2023 - Jorik Cronenberg <jorik.cronenberg@suse.com>
 
diff --git a/bind.spec b/bind.spec
index f8be8f8..191aca8 100644
--- a/bind.spec
+++ b/bind.spec
@@ -56,7 +56,7 @@
   %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           bind
-Version:        9.18.15
+Version:        9.18.16
 Release:        0
 Summary:        Domain Name System (DNS) Server (named)
 License:        MPL-2.0