package/unbound: security bump version to 1.24.2

Changelog: https://nlnetlabs.nl/projects/unbound/download/

Fixes CVE-2025-11411:
https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt

Removed UNBOUND_IGNORE_CVES, the fix is included in this release.

The unbound version 1.23.0 also includes a fix when compiling with
gcc 15. See:
https://github.com/NLnetLabs/unbound/pull/1262

Fixes:
https://autobuild.buildroot.net/results/d3d/d3d6b84ba667e3e2586b7cfdaddcd160232eddfd/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Julien: add comment about gcc-15 fix]
Signed-off-by: Julien Olivain <ju.o@free.fr>

package/unbound/unbound.hash

@@ -1,8 +1,8 @@
-# From https://nlnetlabs.nl/downloads/unbound/unbound-1.21.1.tar.gz.sha256
+# From https://nlnetlabs.nl/downloads/unbound/unbound-1.24.2.tar.gz.sha256
 # After checking pgp signature from:
-# https://nlnetlabs.nl/downloads/unbound/unbound-1.21.1.tar.gz.asc
+# https://nlnetlabs.nl/downloads/unbound/unbound-1.24.2.tar.gz.asc
 # with key: 948EB42322C5D00B79340F5DCFF3344D9087A490
-sha256  3036d23c23622b36d3c87e943117bdec1ac8f819636eb978d806416b0fa9ea46  unbound-1.21.1.tar.gz
+sha256  44e7b53e008a6dcaec03032769a212b46ab5c23c105284aa05a4f3af78e59cdb  unbound-1.24.2.tar.gz
 
 # Locally calculated
 sha256  8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE

package/unbound/unbound.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UNBOUND_VERSION = 1.21.1
+UNBOUND_VERSION = 1.24.2
 UNBOUND_SITE = https://nlnetlabs.nl/downloads/unbound
 UNBOUND_INSTALL_STAGING = YES
 UNBOUND_DEPENDENCIES = host-pkgconf expat libevent openssl
@@ -23,9 +23,6 @@ UNBOUND_CONF_OPTS = \
 	--with-libexpat=$(STAGING_DIR)/usr \
 	--with-ssl=$(STAGING_DIR)/usr
 
-# Only vulnerable if built with --enable-subnet
-UNBOUND_IGNORE_CVES += CVE-2025-5994
-
 ifeq ($(BR2_TOOLCHAIN_HAS_THREADS_NPTL),y)
 UNBOUND_CONF_OPTS += --with-pthreads
 else