Petr, while I understand that you are trying to do a great job maintaining the BIND 9 packages for RHEL, it is what it is - a random snapshot defined not by the quality of the chosen version but by the time availability. This is made even more complicated by applying a set of patches where the set is defined by the downstream maintainer.
The whole idea that something frozen in time with patches applied by distribution maintainer must be more stable than the software actively developed by upstream developers is wrong. This could perhaps work for slow-paced low complex software, but for anything that's reasonably complex (as various network servers and clients are) it's doomed to fail. And what's even worse that people will come, use the distribution package of BIND 9 and think this is the "best" quality they can get. > If he wanted bleeding edge This narrative is wrong. I am not recommending people to run the latest development release - that would be "bleeding edge". The latest stable BIND 9 version is not bleeding edge. You are trying to frame it as it's something dangerous to use the latest version provided by the upstream developers who are in all due respect more knowledgeable about the upstream source code than any downstream package maintainer could be. Sure, that doesn't mean that mistakes doesn't happen, they do, but running latest upstream patch release (or latest stable release) is considerably more safe for BIND 9 than running BIND 9 release that's many version behind, often EOL and with considerable amount of patches[1] applied. So, no, I am not going to stop telling people to stop using packages bundled with a distribution unless the distribution follows the latest patch release. Alternatively, the RedHat can dedicate a support team to triage, answer and fix problems in these versions (taken from DistroWatch): * RHEL 7 - BIND 9.11.4 - released on 2018-07-11 - 33 patch releases behind - EOL since March 2022[2] * RHEL 8 - BIND 9.11.36 - released on 2021-10-27 - 1 patch release behind - EOL since March 2022[2] * RHEL 9 - BIND 9.16.23 - released on 2021-11-17 - 16 patch releases behind And since this is not really going to happen, I will continue people to use upstream sanctioned packages because that will not waste the user time and it will not waste the developers time. > if the only issue in our version is unrelated to the problem investigated? There were 448 merge requests between BIND version 9.16.23 and 9.16.39, and 963 commits. So, how do you know that? I don't and I am certainly not willing to spend my already spread-thin time investigating whether any issue has been fixed in the last year and half, but I would be thrilled to fix any issue found in the latest stable BIND release. We don't make changes to BIND 9 just because we can, there's (usually) a good reason behind every commit and every merge request. 1. https://git.centos.org/rpms/bind/blob/c8s/f/SOURCES 2. https://lists.isc.org/pipermail/bind-announce/2022-March/001210.html Ondrej -- Ondřej Surý (He/Him) ond...@isc.org My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 17. 4. 2023, at 13:57, Petr Menšík <pemen...@redhat.com> wrote: > > Our CentOS/RHEL 8 package are not just random BIND 9 snapshot. If he wanted > bleeding edge, he would use RHEL 9 or even Fedora. But he uses conservative > package I am looking after. While it may have some known issues, it has all > important fixes it needs. Can you please stop telling people to not use our > packages, if the only issue in our version is unrelated to the problem > investigated? > > But I admit we should update to more recent BIND 9.16 release already. > > Cheers, > Petr > > On 4/13/23 15:40, Ondřej Surý wrote: >>> On 13. 4. 2023, at 15:25, David Carvalho via bind-users >>> <bind-users@lists.isc.org> wrote: >>> >>> I'm using 9.16.23 >> Just don't. >> >> ISC provides packages for major linux distributions >> (https://www.isc.org/download/), >> so there's really no reason to shoot yourself into foot to use a random BIND >> 9 >> snapshot provided by your distro. >> >> And while you are at it - upgrade straight to latest 9.18, your experience >> will be much >> smoother. >> >> Ondrej >> -- >> Ondřej Surý (He/Him) >> ond...@isc.org >> >> My working hours and your working hours may be different. Please do not feel >> obligated to reply outside your normal working hours. >> > -- > Petr Menšík > Software Engineer, RHEL > Red Hat, https://www.redhat.com/ > PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users