Unbound 1.24.2 This security release has additional fixes for CVE-2025-11411. Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. The CVE is described here https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt Unbound 1.24.1 included a fix that scrubs unsolicited NS RRSets (and their respective address records) from replies mitigating the possible poison effect. Unbound 1.24.2 includes an additional fix that scrubs unsolicited NS RRSets (and their respective address records) from YXDOMAIN and non-referral nodata replies as well, mitigating the possible poison effect. We would like to thank TaoFei Guo from Peking University, Yang Luo and JianJun Chen from Tsinghua University for discovering and responsibly disclosing the partial mitigation of CVE-2025-11411 in Unbound 1.24.1. Bug Fixes: - Additional fix for CVE-2025-11411 (possible domain hijacking attack), to include YXDOMAIN and non-referral nodata answers in the mitigation as well, reported by TaoFei Guo from Peking University, Yang Luo and JianJun Chen from Tsinghua University.