I am currently inclining the revert the change. But it will silently break some
configurations. There’s really no good option here, but I agree that breaking
existing configurations is bad.
Ondrej
--
Ondřej Surý (He/Him)
> On 24. 9. 2022, at 4:27, Marc Dequènes wrote:
>
> Quack,
>
> First,
Quack,
First, Steinar, I had the same crash and you need to exclude
'inline-signing yes' if your zone uses 'allow-update' or
'update-policy'. A proper error message would have been welcome indeed.
I was also struck by this breakage and my whole infra was down because I
use unattended-upgrade
On Fri, Sep 23, 2022 at 12:09:45AM +0200, Ondřej Surý wrote:
> Nope, the plan to follow upstream releases was acked by both the security
> and release teams, so I am not doing anything really surprising here.
Well, it is really surprising to users :-) Other packages that have been
doing the same t
Control: severity -1 important
Nope, the plan to follow upstream releases was acked by both the security and
release teams, so I am not doing anything really surprising here. BIND 9
packages are following the patch releases for each minor release (in the
traditional major.minor.patch version tr
On Thu, Sep 22, 2022 at 08:13:53PM +0200, Ondřej Surý wrote:
> I am sorry this has caused inconvenience for you, but the original problem
> here was that the implicit inline-signing with the dnssec-policy was also
> problematic and causing other problems, see the upstream issue:
> https://gitlab
Hi Steinar,
I am sorry this has caused inconvenience for you, but the original problem here
was that the implicit inline-signing with the dnssec-policy was also
problematic and causing other problems, see the upstream issue:
https://gitlab.isc.org/isc-projects/bind9/-/issues/3381
Especially th
Package: bind9
Version: 1:9.16.33-1~deb11u1
Severity: grave
Hi,
After applying the security updates for DSA 5235-1, named completely breaks
and refuses to start. (This caused downtime in production for us.) The reason
seems to be that the patch includes a full minor version bump, including
policy
7 matches
Mail list logo