Bump github.com/coredns/coredns from 1.14.2 to 1.14.3 by dependabot[bot] · Pull Request #186 · milgradesec/filter

dependabot · 2026-04-23T11:42:48Z

Bumps github.com/coredns/coredns from 1.14.2 to 1.14.3.

Release notes

Sourced from github.com/coredns/coredns's releases.

v1.14.3

This release introduces Windows service support, along with full TSIG verification across DoH, DoH3, QUIC, and gRPC transports, and improved TSIG propagation and DoH request validation. It also adds optional TLS for the metrics endpoint. Performance and stability are improved through cache prefetching, QUIC optimizations, and a new max_age option in the forward plugin. Additional updates include enhanced SVCB/HTTPS support, improved zone transfer behavior, and various DNSSEC, PROXY protocol, and concurrency fixes. The release is built with Go 1.26.2, which includes security fixes addressing CVE-2026-32282, CVE-2026-32289, CVE-2026-33810, CVE-2026-27144, CVE-2026-27143, CVE-2026-32288, CVE-2026-32283, and CVE-2026-27140, and also includes fixes for CVE-2026-32936, CVE-2026-33190, CVE-2026-33489, CVE-2026-32934, and CVE-2026-35579.

Brought to You By

andreyrusanov-ec cangming Cedric Wang Ilya Kulakov Ingmar Van Glabbeek John-Michael Mulesa JUN YANG liucongran Minghang Chen Peppi-Lotta rpb-ant Seena Fallah Syed Azeez Umut Polat Ville Vesilehto Yong Tang

Noteworthy Changes

core: Add full TSIG verification in DoH transport (coredns/coredns#8013)

core: Add full TSIG verification in DoH3 transport (coredns/coredns#8044)

core: Add full TSIG verification in QUIC transport (ttps://redirect.github.com/core: Add full TSIG verification in QUIC transport coredns/coredns#8007)

core: Add full TSIG verification in gRPC transport (coredns/coredns#8006)

core: Add support for running CoreDNS as a Windows service (coredns/coredns#7962)

core: Avoid spawning waiter goroutines when QUIC worker pool is full (coredns/coredns#7927)

core: Preserve TSIG status in gRPC transport (coredns/coredns#7943)

core: Propagate TSIG secrets to DoT server (coredns/coredns#7928)

core: Propagate TSIG status in DoQ transport (coredns/coredns#7947)

core: Reject oversized GET dns query parameter of DoH (coredns/coredns#7926)

core: Use per-connection local address for PROXY protocol (coredns/coredns#8005)

plugin/auto: Resolve symlinked directory before walk (coredns/coredns#8032)

plugin/cache: Add an atomic.Bool to singleflight prefetching (coredns/coredns#7963)

plugin/cache: Prefetch without holding a client connection (coredns/coredns#7944)

plugin/dnssec: Add defensive nil checks (coredns/coredns#7997)

plugin/dnssec: Avoid caching empty signing results (coredns/coredns#7996)

plugin/dnssec: Return nil from ParseKeyFile on error (coredns/coredns#8000)

... (truncated)

Commits

17fceec Update release note for 1.14.3 (#8053)
cf6a78f core: Add full TSIG verification in DoH3 transport (#8044)
8c5ec14 Fix broken links (#8051)
e0c85ae build(deps): bump github.com/aws/aws-sdk-go-v2/config (#8049)
52c312d build(deps): bump the go-etcd-io group with 2 updates (#8046)
8deacea build(deps): bump google.golang.org/api from 0.273.1 to 0.275.0 (#8047)
d28b21b build(deps): bump docker/login-action from 4.0.0 to 4.1.0 (#8048)
9956cb0 build(deps): bump github.com/aws/aws-sdk-go-v2/credentials (#8050)
50cbaf8 plugin/file: introduce snapshot()/setData() accessors for zone data (#8040)
8a28dc9 fix(dnssec) TestDelegationUnSigned: Potential nil pointer dereference (#8042)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/coredns/coredns](https://github.com/coredns/coredns) from 1.14.2 to 1.14.3. - [Release notes](https://github.com/coredns/coredns/releases) - [Commits](coredns/coredns@v1.14.2...v1.14.3) --- updated-dependencies: - dependency-name: github.com/coredns/coredns dependency-version: 1.14.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 23, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/coredns/coredns from 1.14.2 to 1.14.3#186

Bump github.com/coredns/coredns from 1.14.2 to 1.14.3#186
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/github.com/coredns/coredns-1.14.3

dependabot Bot commented on behalf of github Apr 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 23, 2026

v1.14.3

Brought to You By

Noteworthy Changes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants