This message contains additional information to supplement the information
contained in our recent operational notification:
Operational Notification: BIND 9.16.20, 9.17.17, and 9.16.20-S1 can trigger
an assertion failure when reading zone data stored in map format
Please read the operational notification first, either via this mailing list
or in the ISC Knowledge Base:
Source patch diffs are available that can be applied to BIND 9.16.20 or BIND
in order to prevent named from attempting to load data from a zone data file
in an incompatible version of the map file format. Instead, when encountering
written by an incompatible version, named will:
- log a message indicating that an invalid zone file was detected
- move the file to a backup location
- retransfer the file, in the most common map zone use case (storing
local copies of zone data on a secondary server)
This is the normal and expected behavior when the map zone format changes.
without the patch fail to detect the incompatible zone file, attempt to load
exit with an assertion failure when that attempt fails.
Proper behavior looks something like this when observed in the log file:
> 20-Aug-2021 08:13:20.601 zone ./IN: loading from master file root.map failed:
> 20-Aug-2021 08:13:20.601 zone ./IN: unable to load from 'root.map'; renaming file to
'db-wVdhmbfS' for failure analysis and retransferring.
> 20-Aug-2021 08:13:20.601 all zones loaded
> 20-Aug-2021 08:13:20.601 running
> 20-Aug-2021 08:13:20.701 zone ./IN: Transfer started.
The patches which prevent the assertion failure can be retrieved from:
For users of ISC's binary packages, updated packages have been published to
the public COPR repository, as well as to the private Cloudsmith repository
provided for support customers.
We apologize for the inconvenience,
bind-announce mailing list