An update for ldns is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2788 Final 1.0 1.0 2026-06-24 Initial 2026-06-24 2026-06-24 openEuler SA Tool V1.0 2026-06-24 ldns security update An update for ldns is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP3 The goal of ldns is to simplify DNS programming, it supports recent RFCs like the DNSSEC documents, and allows developers to easily create software conforming to current RFCs, and experimental software for current Internet Drafts. A secondary benefit of using ldns is speed; ldns is written in C it should be a lot faster than Perl. Security Fix(es): NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of the response. This makes applications, that use ldns for (stub) resolver functionality over UDP, vulnerable for off-path poisoning attacks. The drill tool, which is shipped with ldns, suffers from this vulnerability.(CVE-2026-10846) An update for ldns is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High ldns https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2788 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-10846 https://nvd.nist.gov/vuln/detail/CVE-2026-10846 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP3 ldns-1.7.0-27.oe2003sp4.aarch64.rpm ldns-debuginfo-1.7.0-27.oe2003sp4.aarch64.rpm ldns-debugsource-1.7.0-27.oe2003sp4.aarch64.rpm ldns-devel-1.7.0-27.oe2003sp4.aarch64.rpm perl-ldns-1.7.0-27.oe2003sp4.aarch64.rpm python2-ldns-1.7.0-27.oe2003sp4.aarch64.rpm python3-ldns-1.7.0-27.oe2003sp4.aarch64.rpm ldns-1.7.0-29.oe2203sp4.aarch64.rpm ldns-debuginfo-1.7.0-29.oe2203sp4.aarch64.rpm ldns-debugsource-1.7.0-29.oe2203sp4.aarch64.rpm ldns-devel-1.7.0-29.oe2203sp4.aarch64.rpm perl-ldns-1.7.0-29.oe2203sp4.aarch64.rpm python3-ldns-1.7.0-29.oe2203sp4.aarch64.rpm ldns-1.8.3-2.oe2403sp1.aarch64.rpm ldns-debuginfo-1.8.3-2.oe2403sp1.aarch64.rpm ldns-debugsource-1.8.3-2.oe2403sp1.aarch64.rpm ldns-devel-1.8.3-2.oe2403sp1.aarch64.rpm perl-ldns-1.8.3-2.oe2403sp1.aarch64.rpm python3-ldns-1.8.3-2.oe2403sp1.aarch64.rpm ldns-1.8.3-2.oe2403sp3.aarch64.rpm ldns-debuginfo-1.8.3-2.oe2403sp3.aarch64.rpm ldns-debugsource-1.8.3-2.oe2403sp3.aarch64.rpm ldns-devel-1.8.3-2.oe2403sp3.aarch64.rpm perl-ldns-1.8.3-2.oe2403sp3.aarch64.rpm python3-ldns-1.8.3-2.oe2403sp3.aarch64.rpm ldns-1.7.0-27.oe2003sp4.src.rpm ldns-1.7.0-29.oe2203sp4.src.rpm ldns-1.8.3-2.oe2403sp1.src.rpm ldns-1.8.3-2.oe2403sp3.src.rpm ldns-1.7.0-27.oe2003sp4.x86_64.rpm ldns-debuginfo-1.7.0-27.oe2003sp4.x86_64.rpm ldns-debugsource-1.7.0-27.oe2003sp4.x86_64.rpm ldns-devel-1.7.0-27.oe2003sp4.x86_64.rpm perl-ldns-1.7.0-27.oe2003sp4.x86_64.rpm python2-ldns-1.7.0-27.oe2003sp4.x86_64.rpm python3-ldns-1.7.0-27.oe2003sp4.x86_64.rpm ldns-1.7.0-29.oe2203sp4.x86_64.rpm ldns-debuginfo-1.7.0-29.oe2203sp4.x86_64.rpm ldns-debugsource-1.7.0-29.oe2203sp4.x86_64.rpm ldns-devel-1.7.0-29.oe2203sp4.x86_64.rpm perl-ldns-1.7.0-29.oe2203sp4.x86_64.rpm python3-ldns-1.7.0-29.oe2203sp4.x86_64.rpm ldns-1.8.3-2.oe2403sp1.x86_64.rpm ldns-debuginfo-1.8.3-2.oe2403sp1.x86_64.rpm ldns-debugsource-1.8.3-2.oe2403sp1.x86_64.rpm ldns-devel-1.8.3-2.oe2403sp1.x86_64.rpm perl-ldns-1.8.3-2.oe2403sp1.x86_64.rpm python3-ldns-1.8.3-2.oe2403sp1.x86_64.rpm ldns-1.8.3-2.oe2403sp3.x86_64.rpm ldns-debuginfo-1.8.3-2.oe2403sp3.x86_64.rpm ldns-debugsource-1.8.3-2.oe2403sp3.x86_64.rpm ldns-devel-1.8.3-2.oe2403sp3.x86_64.rpm perl-ldns-1.8.3-2.oe2403sp3.x86_64.rpm python3-ldns-1.8.3-2.oe2403sp3.x86_64.rpm ldns-help-1.7.0-27.oe2003sp4.noarch.rpm ldns-help-1.7.0-29.oe2203sp4.noarch.rpm ldns-help-1.8.3-2.oe2403sp1.noarch.rpm ldns-help-1.8.3-2.oe2403sp3.noarch.rpm NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of the response. This makes applications, that use ldns for (stub) resolver functionality over UDP, vulnerable for off-path poisoning attacks. The drill tool, which is shipped with ldns, suffers from this vulnerability. 2026-06-24 CVE-2026-10846 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP3 High 8.2 AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N ldns security update 2026-06-24 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2788