oracle-linux
oracle-linux copied to clipboard
oracle
OL9: bind-dyndb-ldap needs to be rebuilt against latest bind ABI
named on OL9 servers with LDAP backend support fails after update to latest bind and bind-dyndb-ldap packages. Bind-dyndb-ldap needs to be rebuilt against the latest bind.
Error (from journalctl -xeu named)
May 12 13:12:22 x named[213216]: ../../../lib/dns/name.c:1083: REQUIRE((__builtin_expect(!!((name) != ((void *)0)), 1) && __builtin_expect(!!(((const isc__magic_t *)(name))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n')))), 1))) failed, back trace
May 12 13:12:22 x named[213216]: #0 0x55c4459f7621 in ??
May 12 13:12:22 x named[213216]: #1 0x7f3830ee04e0 in ??
May 12 13:12:22 x named[213216]: #2 0x7f3831050e9a in ??
May 12 13:12:22 x named[213216]: #3 0x7f38203012a8 in ??
May 12 13:12:22 x named[213216]: #4 0x7f382030e96e in ??
May 12 13:12:22 x named[213216]: #5 0x7f38202c5c5a in ??
May 12 13:12:22 x named[213216]: #6 0x7f38202c69a3 in ??
May 12 13:12:22 x named[213216]: #7 0x7f382030f575 in ??
May 12 13:12:22 x named[213216]: #8 0x7f382030fa33 in ??
May 12 13:12:22 x named[213216]: #9 0x7f3830f1968a in ??
May 12 13:12:22 x named[213216]: #10 0x7f38306e2c12 in ??
May 12 13:12:22 x named[213216]: #11 0x7f3830767cc0 in ??
May 12 13:12:22 x named[213216]: exiting (due to assertion failure)
May 12 13:12:22 x systemd[1]: named.service: Main process exited, code=killed, status=6/ABRT
Current workaround is to downgrade bind to allow ABIs to match up with dyndb-ldap plugin. This is less than ideal as the latest bind patch addresses KeyTrap vulnerability CVE-2023-50868
Package details:
Name : bind
Epoch : 32
Version : 9.16.23
Release : 18.0.1.el9_4.1
Repository : ol9_appstream
Name : bind-dyndb-ldap
Version : 11.9
Release : 9.el9_4
Repository : ol9_appstream
Thanks for reporting this. We have created an internal ticket to track this issue.
