This update for unbound fixes the following issues

- CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583).
- CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587).
- CVE-2026-40622: "Ghost domain name" variant (bsc#1265581).
- CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580).
- CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585).
- CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589).
- CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578).
- CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).
- CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588).
- CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584).
- CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582).