Log message:
net/bind918: update to 9.18.48

9.18.48 (2026-04-01)

Security Fixes

* Fix crash when reconfiguring zone update policy during active updates.

  We fixed a crash that could occur when running rndc reconfig to change a
  zone's update policy (e.g., from allow-update to update-policy) while DNS
  UPDATE requests were being processed for that zone.

  ISC would like to thank Vitaly Simonovich for bringing this issue to our
  attention.  [GL #5817]

Bug Fixes

* Fix a crash triggered by rndc modzone on a zone from a configuration file.

* Calling rndc modzone on a zone that was configured in the configuration
  file caused a crash.  This has been fixed.  [GL #5800]

* Fix a crash triggered by rndc modzone on zone that already existed in NZF
  file.

  Calling rndc modzone didn't work properly for a zone that was configured
  in the configuration file.  It could crash if BIND 9 was built without
  LMDB or if there was already an NZF file for the zone.  This has been
  fixed.  [GL #5826]

Log message:
net/bind918: update to 9.18.47

This is security release and from release announce:

Our March 2026 maintenance releases of BIND 9 are available and can be \ 
downloaded from the links below.  Packages and container images provided by ISC \ 
will be updated later today.

In addition to bug fixes and feature improvements, these releases also contain \ 
fixes for security vulnerabilities.  More information can be found in the \ 
following Security Advisories:

    https://kb.isc.org/docs/cve-2026-1519
    https://kb.isc.org/docs/cve-2026-3104
    https://kb.isc.org/docs/cve-2026-3119
    https://kb.isc.org/docs/cve-2026-3591

A link to each newly-released version follows.  Each release directory includes \ 
a complete source tarball, cryptographic signature, and release notes.  The \ 
release notes provide a summary of significant changes, and should be reviewed \ 
before upgrading.

  - Current supported stable branches:

    - 9.18.47  - https://downloads.isc.org/isc/bind9/9.18.47/
    - 9.20.21  - https://downloads.isc.org/isc/bind9/9.20.21/

  - Experimental development branch:

    - 9.21.20  - https://downloads.isc.org/isc/bind9/9.21.20/

Log message:
net/bind918: update to 9.18.46

9.18.46 (2026-02-27)

Bug Fixes

* A stale answer could have been served in case of multiple upstream
  failures when following CNAME chains. This has been fixed. [GL #5751]

Log message:
net/bind918: update to 9.18.45

BIND 9.18.45 (2026-02-18)

Feature Changes

* Update requirements for system test suite.
* Python 3.10 or newer is now required for running the system test suite.
  The required Python packages and their version requirements are now
  tracked in the file bin/tests/system/requirements.txt.
  [GL #5690] [GL #5614]

Bug Fixes

* Fix implementation of BRID and HHIT record types. [GL #5710]
* Fix implementation of DSYNC record type. [GL #5711]

Log message:
net/bind918: update to 9.18.44

This release contains security fix, <https://kb.isc.org/docs/cve-2025-13878>.
9.18.44 (2026-01-21)

Security Fixes

* Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)

* Malformed BRID and HHIT records could trigger an assertion failure. This
  has been fixed.

* ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing
  this vulnerability to our attention.  [GL #5616]

Bug Fixes

* Allow glue in delegations with QTYPE=ANY.

* When a query for type ANY triggered a delegation response, all additional
  data was omitted from the response, including mandatory glue.  This has
  been fixed. [GL #5659]

Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

* A zone that was signed with NSEC3, had opt-out enabled, and was then
  reconfigured to use NSEC, was published with missing NSEC records.  This
  has been fixed.  [GL #5679]

Log message:
*: recursive bump for abseil-20260107.0 shlib version bump

Log message:
bind918: use SED instead of HEAD, since SED is defined earlier

Log message:
*: recursive bump for icu 78.1