From 1db4568df6aaacda6ebbce87717156bd855f8103 Mon Sep 17 00:00:00 2001
From: Yong Tang <yong.tang.github@outlook.com>
Date: Wed, 8 Oct 2025 08:26:37 -0700
Subject: [PATCH] Bump version to 1.13.1 (#7599)

---
 coremain/version.go     |  2 +-
 notes/coredns-1.13.1.md | 24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 notes/coredns-1.13.1.md

diff --git a/coremain/version.go b/coremain/version.go
index aa6a26da0..77931d8ec 100644
--- a/coremain/version.go
+++ b/coremain/version.go
@@ -2,7 +2,7 @@ package coremain
 
 // Various CoreDNS constants.
 const (
-	CoreVersion = "1.13.0"
+	CoreVersion = "1.13.1"
 	CoreName    = "CoreDNS"
 	serverType  = "dns"
 )
diff --git a/notes/coredns-1.13.1.md b/notes/coredns-1.13.1.md
new file mode 100644
index 000000000..6e7407b85
--- /dev/null
+++ b/notes/coredns-1.13.1.md
@@ -0,0 +1,24 @@
++++
+title = "CoreDNS-1.13.1 Release"
+description = "CoreDNS-1.13.1 Release Notes."
+tags = ["Release", "1.13.1", "Notes"]
+release = "1.13.1"
+date = "2025-10-08T00:00:00+00:00"
+author = "coredns"
++++
+
+This release updates CoreDNS to Go 1.25.2 and golang.org/x/net v0.45.0 to address multiple
+high-severity CVEs. It also improves core performance by avoiding string concatenation in
+loops, and hardens the sign plugin by rejecting invalid UTF-8 tokens in dbfile.
+
+## Brought to You By
+
+Catena cyber
+Ville Vesilehto
+Yong Tang
+
+## Noteworthy Changes
+
+* core: Avoid string concatenation in loops (https://github.com/coredns/coredns/pull/7572)
+* core: Update golang to 1.25.2 and golang.org/x/net to v0.45.0 on CVE fixes (https://github.com/coredns/coredns/pull/7598)
+* plugin/sign: Reject invalid UTF‑8 dbfile token (https://github.com/coredns/coredns/pull/7589)