Package: bind9 Version: 1:9.10.3.dfsg.P4-12.3+deb9u11 Severity: important File: /usr/sbin/named
Dear Maintainer, today we start updating bind9 on stretch with the latest security update. After update the bind9 starts and crashed after a few seconds with: ../../../lib/dns/name.c:2487: REQUIRE((((dest) != ((void *)0)) && (((const isc__magic_t *)(dest))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n')))))) failed, back trace I stripped down configuration to options { forward only; forwarders { x.x.x.x; }; }; I used several ip-address for forwarding, always the same error. Starting in debug mode - some lines before and after: 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316: UDP request 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316: using view '_default' 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316: request is not signed 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316: recursion available 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316: query 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316 (.): query (cache) './NS/IN' approved 19-Mar-2022 11:17:09.791 client 127.0.0.1#40316 (.): replace 19-Mar-2022 11:17:09.791 clientmgr @0x7fbe2ed63458: get client 19-Mar-2022 11:17:09.791 clientmgr @0x7fbe2ed63458: create new 19-Mar-2022 11:17:09.791 clientmgr @0x7fbe2ed63458: clientmctx 19-Mar-2022 11:17:09.791 client @0x7fbe2004cfa0: create 19-Mar-2022 11:17:09.792 fetch: ./NS 19-Mar-2022 11:17:09.792 client @0x7fbe2004cfa0: udprecv 19-Mar-2022 11:17:09.792 ../../../lib/dns/name.c:2487: REQUIRE((((dest) != ((void *)0)) && (((const isc__magic_t *)(dest))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n')))))) failed, back trace 19-Mar-2022 11:17:09.792 #0 0x558b9ace0d80 in ?? 19-Mar-2022 11:17:09.792 #1 0x7fbe2cef39aa in ?? 19-Mar-2022 11:17:09.792 #2 0x7fbe2e5ddf36 in ?? 19-Mar-2022 11:17:09.792 #3 0x7fbe2e65ff64 in ?? 19-Mar-2022 11:17:09.792 #4 0x7fbe2e6622a4 in ?? 19-Mar-2022 11:17:09.792 #5 0x7fbe2e662b84 in ?? 19-Mar-2022 11:17:09.792 #6 0x7fbe2cf17a23 in ?? 19-Mar-2022 11:17:09.792 #7 0x7fbe2c8be4a4 in ?? 19-Mar-2022 11:17:09.792 #8 0x7fbe2bd0fd0f in ?? 19-Mar-2022 11:17:09.792 exiting (due to assertion failure) After reinstalling version deb9u6 everything works as before. Because name.c is not in patchfile debian/patches/CVE-2021-25220.patch I assume regression error? I checked it with stretch-backports - no error found. So I assume it's stretch-related? Anything I can provide more? -- System Information: Debian Release: 9.13 APT prefers oldoldstable APT policy: (990, 'oldoldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-18-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages bind9 depends on: ii adduser 3.115 ii bind9utils 1:9.10.3.dfsg.P4-12.3+deb9u11 ii debconf [debconf-2.0] 1.5.61 ii init-system-helpers 1.56~bpo9+1 ii libbind9-140 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libc6 2.24-11+deb9u4 ii libcap2 1:2.25-1 ii libcomerr2 1.43.4-2+deb9u2 ii libdns162 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libgeoip1 1.6.9-4 ii libgssapi-krb5-2 1.15-1+deb9u3 ii libirs141 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libisc160 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libisccc140 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libisccfg140 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libk5crypto3 1.15-1+deb9u3 ii libkrb5-3 1.15-1+deb9u3 ii liblwres141 1:9.10.3.dfsg.P4-12.3+deb9u11 ii libssl1.0.2 1.0.2u-1~deb9u7 ii libxml2 2.9.4+dfsg1-2.2+deb9u5 ii lsb-base 9.20161125 ii net-tools 1.60+git20161116.90da8a0-1 ii netbase 5.4 bind9 recommends no packages. Versions of packages bind9 suggests: pn bind9-doc <none> ii dnsutils 1:9.10.3.dfsg.P4-12.3+deb9u11 pn resolvconf <none> pn ufw <none> -- debconf information: bind9/different-configuration-file: bind9/start-as-user: bind bind9/run-resolvconf: false regards, Andreas Schulz Fujitsu TDS GmbH