Rehdat has released EL9 RHSA-2025:21111 to address recent bind 9 vulnerabilities (CVE-2025-8677, CVE-2025-40780, and CVE-2025-40778). While Rocky 8 had received a patch for this same problem, I haven’t seen a similar patch for Rocky 9. Is there a timeline for a Rocky 9 (or 10) fix for CVE-2025-40778?
Updated ‘bind’ were released for RHEL 9.6 Nov 10.
RHEL 9.7 (with updated ‘bind’) was released Nov 12.
Most of the effort now is most likely on getting the Rocky 9.7 (and Rocky 10.1) ready for release.