Red Hat Product Errata RHSA-2026:18556 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:18556 - Security Advisory Overview Updated Packages Synopsis Moderate: unbound security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for unbound is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): unbound: DNSBomb vulnerability (CVE-2024-33655) unbound: Unbound domain hijacking via promiscuous records (CVE-2025-11411) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 10 Release Notes linked from the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2279942 - CVE-2024-33655 unbound: DNSBomb vulnerability BZ - 2405706 - CVE-2025-11411 unbound: Unbound domain hijacking via promiscuous records RHEL-123204 - Update to latest unbound 1.24.2 RHEL-147790 - Unbound has disabled TLS 1.2 in default configuration RHEL-127543 - unbound-utils is not present in AppStream CVEs CVE-2024-33655 CVE-2025-11411 References https://access.redhat.com/security/updates/classification/#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/10.2_release_notes/index Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM unbound-1.24.2-7.el10.src.rpm SHA-256: 0cc3d40365127c5b36396ffaa0b151c207f562bca9e2cad5c890e70a542c11a9 x86_64 python3-unbound-1.24.2-7.el10.x86_64.rpm SHA-256: 19c284d197adc5d543561b4ab58bc43fe8aa3a6a9c47c86cdf6fc12b91c9b447 python3-unbound-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 1a8a82cd17b42618410bba987dc1009553b28a26c06068e29835197170f8a7d7 unbound-1.24.2-7.el10.x86_64.rpm SHA-256: 2733c2e186a443197ffe5d7bb08aa72edbe4202880a934be19e6bf63416aff84 unbound-anchor-1.24.2-7.el10.x86_64.rpm SHA-256: d367a5289374ba455a555f4fdb8bfcd9793f3674d5332fd36ae8b96038cccf0e unbound-anchor-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 77e8c50c61d78bd27fe6d4531f375beb8a33d92bf4018d91fb9924a7d239aee2 unbound-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 4de63157ebe9a2d788c82906159fe581c9bcd72afa94dd22fad11079fdf4fad7 unbound-debugsource-1.24.2-7.el10.x86_64.rpm SHA-256: 7bdd67de97ba100913693986144cb8d2ab12b0447c909322b598432a3c0a672d unbound-dracut-1.24.2-7.el10.x86_64.rpm SHA-256: 5b38a5d6caef09c16428316117c5a79cd2815933b020175c0acecb23fc0e230a unbound-libs-1.24.2-7.el10.x86_64.rpm SHA-256: b25b7fde20bfde1acee36a5c817d8f96b54c98ef78deffce4d67bd7837867312 unbound-libs-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 52500dbfe666a8ed9252f58cd79e4b37a2bf34283a7d48cf3061000b53ba3535 unbound-utils-1.24.2-7.el10.x86_64.rpm SHA-256: c3334e8181db3a2cfacacee080b10bfd95a721428fccbfba5e46f80e5251416d unbound-utils-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 092e10d1efa8c62f2026bf32089ac0c38d41ec508a0f369b4d57fe833ab2b859 Red Hat Enterprise Linux for IBM z Systems 10 SRPM unbound-1.24.2-7.el10.src.rpm SHA-256: 0cc3d40365127c5b36396ffaa0b151c207f562bca9e2cad5c890e70a542c11a9 s390x python3-unbound-1.24.2-7.el10.s390x.rpm SHA-256: c33117417dc43a05bcf0918a6018251eb2a78bffcc180cea3fd703ccd6327209 python3-unbound-debuginfo-1.24.2-7.el10.s390x.rpm SHA-256: d05daaff397ae518030735792d10253641786cc118d5855507bc060189a2f544 unbound-1.24.2-7.el10.s390x.rpm SHA-256: 9b5660913c4767b9fdad01de66e91f361ae740c22e687110febb7f7aeda186d8 unbound-anchor-1.24.2-7.el10.s390x.rpm SHA-256: 3dc09695cb72d0af2f707403f0502c6b61558a35ef142f72a99212581745e107 unbound-anchor-debuginfo-1.24.2-7.el10.s390x.rpm SHA-256: a331a313c0a8fd0da93c416e577a7b06011fcbd1a7d02835f44a00bfb37e418b unbound-debuginfo-1.24.2-7.el10.s390x.rpm SHA-256: 46eb9cbfda1d37c9d5d068f8e288d0bbc6d9d732cb7169ff21e3d2921eba05fd unbound-debugsource-1.24.2-7.el10.s390x.rpm SHA-256: 50d67b001e5451034d593f761f26995d95bafc1d8d240e7bd2ce6d0c301c2e2c unbound-dracut-1.24.2-7.el10.s390x.rpm SHA-256: f39c82a3dfc5b7c1570d63608f2649afe38c1a56455ad34b105b98579314ff77 unbound-libs-1.24.2-7.el10.s390x.rpm SHA-256: 1ad19869ca8c461d3ec8f801fd296097c1402a8300c70fd10cc488a7cb2c2fae unbound-libs-debuginfo-1.24.2-7.el10.s390x.rpm SHA-256: 5dbf78495389babf5046ccabf4c91703f60dd5de79799f22c600df78dbdc9626 unbound-utils-1.24.2-7.el10.s390x.rpm SHA-256: c399063ac4b910deaa43271afdfb49cefdd38bd8c6710970503d4b82f644a3ee unbound-utils-debuginfo-1.24.2-7.el10.s390x.rpm SHA-256: e994ff2d7474cb113f43e0563f131d7a4a098b82f8ac0e9a13217788afc11166 Red Hat Enterprise Linux for Power, little endian 10 SRPM unbound-1.24.2-7.el10.src.rpm SHA-256: 0cc3d40365127c5b36396ffaa0b151c207f562bca9e2cad5c890e70a542c11a9 ppc64le python3-unbound-1.24.2-7.el10.ppc64le.rpm SHA-256: a58e6bc1166af71cfa48bcbae71678fa5091f5aee2d71634873fa1cbf2f79135 python3-unbound-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: 18fddd334e77a2fc5362677e37466729a3f097ccb15ad3543806ecc4f8773053 unbound-1.24.2-7.el10.ppc64le.rpm SHA-256: 0c3ef5989db6fc284dc040cbec598acff6d6a4a017b7ab64f11108682008b366 unbound-anchor-1.24.2-7.el10.ppc64le.rpm SHA-256: 676f43ba4002a813959468bc3a30e31f5085d0d70a98acc0769424b3121c1e65 unbound-anchor-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: 183629466718dd0220fd196445c5d1b213cc084eeb0ac3c3baa802fae3a66c74 unbound-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: e209497a25de077425306be441108d16ac91b07aa1998a633ab0a6807de35f28 unbound-debugsource-1.24.2-7.el10.ppc64le.rpm SHA-256: 19464fdeba31c122c118ee646ccdd0ea17ba1e502b96cad1cd0264a388db04f8 unbound-dracut-1.24.2-7.el10.ppc64le.rpm SHA-256: 5670b594c626258e7a40a53701ac6edded9f3c693539bd1ee472d973ad8a72ac unbound-libs-1.24.2-7.el10.ppc64le.rpm SHA-256: 1f3a819081f622acd105d3d7cc96d2add35c46db386e80e56ebf5f94b04474ca unbound-libs-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: fb5908a27edc739a17eae55418d4a3c24ef15a81ccd1b1b5ed0f6502b9fb0945 unbound-utils-1.24.2-7.el10.ppc64le.rpm SHA-256: 54d0ea72a3c9e01b761b35e2833a4787b3004b6a17b02cc4acb6f878622180e8 unbound-utils-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: 6cb4e36046662a0416ee17610da6c4606ae07582830700e1aad1587ddb260598 Red Hat Enterprise Linux for ARM 64 10 SRPM unbound-1.24.2-7.el10.src.rpm SHA-256: 0cc3d40365127c5b36396ffaa0b151c207f562bca9e2cad5c890e70a542c11a9 aarch64 python3-unbound-1.24.2-7.el10.aarch64.rpm SHA-256: 4bb6d54026fd80cd98d1400ce628d2ba6e8a4b0e136943309b1258525f094288 python3-unbound-debuginfo-1.24.2-7.el10.aarch64.rpm SHA-256: 926ac551a15e72356b928e7c915914ca1122d597fee53c5e379eccaf74582eb7 unbound-1.24.2-7.el10.aarch64.rpm SHA-256: ecd2a367d88b15d326de2df19bb59c60f2a8b88f71620b72520d446bcdfad90f unbound-anchor-1.24.2-7.el10.aarch64.rpm SHA-256: 7770cb455b52e12aca16a51140b1c7d35d11cbd5ba56c8c8bf11124bdb2ac0f8 unbound-anchor-debuginfo-1.24.2-7.el10.aarch64.rpm SHA-256: 8a35a72a38cfb3c9f6b6e1732044f85f604e0b1e38f5ffd4b6c929e8425f1ac9 unbound-debuginfo-1.24.2-7.el10.aarch64.rpm SHA-256: 35c76a00d4dbe8e5da298d1fe570fc99e247fb8cbf881758ccd2799eef0d1e01 unbound-debugsource-1.24.2-7.el10.aarch64.rpm SHA-256: 2a79d76d99b2964665a69b7544a5aa96f2470011abb222b60f09ecdfb979320d unbound-dracut-1.24.2-7.el10.aarch64.rpm SHA-256: 6160443433322cb115afbdb9a28547030de709a2f095035f7cb4b131f8a8de04 unbound-libs-1.24.2-7.el10.aarch64.rpm SHA-256: e9246eb0cadf2f27a608e27bbcee4a09106741357a2c136fb7a06080b37dd375 unbound-libs-debuginfo-1.24.2-7.el10.aarch64.rpm SHA-256: bc1356a30b5d029fc302c65c48b27753ec4340dda70235dc315f5e0fad1d5813 unbound-utils-1.24.2-7.el10.aarch64.rpm SHA-256: 4ea9651e055e5bf2c0af5842ca94b758e71f39e40993a6140d425f673ec0de6b unbound-utils-debuginfo-1.24.2-7.el10.aarch64.rpm SHA-256: a9c089baa7260f821fd0cea21351330b4716038732de2c36c88d58b34107e446 Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 python3-unbound-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 1a8a82cd17b42618410bba987dc1009553b28a26c06068e29835197170f8a7d7 unbound-anchor-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 77e8c50c61d78bd27fe6d4531f375beb8a33d92bf4018d91fb9924a7d239aee2 unbound-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 4de63157ebe9a2d788c82906159fe581c9bcd72afa94dd22fad11079fdf4fad7 unbound-debugsource-1.24.2-7.el10.x86_64.rpm SHA-256: 7bdd67de97ba100913693986144cb8d2ab12b0447c909322b598432a3c0a672d unbound-devel-1.24.2-7.el10.x86_64.rpm SHA-256: 5dc814a8e19c9850b233d64add1e28078faff01be869d051aff59aa81c45c399 unbound-libs-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 52500dbfe666a8ed9252f58cd79e4b37a2bf34283a7d48cf3061000b53ba3535 unbound-utils-debuginfo-1.24.2-7.el10.x86_64.rpm SHA-256: 092e10d1efa8c62f2026bf32089ac0c38d41ec508a0f369b4d57fe833ab2b859 Red Hat CodeReady Linux Builder for Power, little endian 10 SRPM ppc64le python3-unbound-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: 18fddd334e77a2fc5362677e37466729a3f097ccb15ad3543806ecc4f8773053 unbound-anchor-debuginfo-1.24.2-7.el10.ppc64le.rpm SHA-256: 183629466718dd0