RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2013993 - Rebase to the last BIND 9.11.36 release
Summary: Rebase to the last BIND 9.11.36 release
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: bind
Version: 8.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Petr Menšík
QA Contact: Petr Sklenar
Šárka Jana
URL:
Whiteboard:
Depends On: 2021443
Blocks: 2017637 2021814 2022715 2022762
TreeView+ depends on / blocked
 
Reported: 2021-10-14 08:47 UTC by Petr Menšík
Modified: 2022-05-10 16:53 UTC (History)
2 users (show)

Fixed In Version: bind-9.11.36-1.el8
Doc Type: Enhancement
Doc Text:
.The `bind` component rebased to version 9.11.36 The `bind` component has been updated to version 9.11.36. Notable bug fixes and enhancements include: * Improved the `lame-ttl` option to be more secure. * A multiple threads bug affecting RBTDB instances no longer results in assertion failure in `free_rbtdb()`. * Updated implementation of the ZONEMD RR type to match RFC 8976. * The maximum supported number of NSEC3 iterations has been reduced to 150. Records with more iterations are treated as insecure. * An invalid direction field in a LOC record no longer results in a failure.
Clone Of:
Environment:
Last Closed: 2022-05-10 15:29:44 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Internet Systems Consortium (ISC) isc-projects bind9 issues 2236 0 None None None 2021-11-01 15:23:41 UTC
Internet Systems Consortium (ISC) isc-projects bind9 issues 2305 0 None None None 2021-11-01 15:23:41 UTC
Internet Systems Consortium (ISC) isc-projects bind9 issues 2445 0 None None None 2021-11-01 15:23:41 UTC
Internet Systems Consortium (ISC) isc-projects bind9 issues 2499 0 None None None 2021-11-01 15:23:41 UTC
Internet Systems Consortium (ISC) isc-projects bind9 issues 2642 0 None None None 2021-11-01 15:23:41 UTC
Internet Systems Consortium (ISC) isc-projects bind9 issues 2658 0 None None None 2021-11-01 15:23:41 UTC
Red Hat Issue Tracker OSCI-2799 0 None None None 2022-01-18 00:24:08 UTC
Red Hat Issue Tracker RHELBLD-8540 0 None None None 2021-12-21 08:40:21 UTC
Red Hat Issue Tracker RHELPLAN-99790 0 None None None 2021-10-14 08:48:09 UTC
Red Hat Product Errata RHSA-2022:2092 0 None None None 2022-05-10 15:29:57 UTC

Description Petr Menšík 2021-10-14 08:47:43 UTC
Description of problem:
BIND 9.11 line would be soon stop receiving any updates from upstream. I think it would be good to update to the latest release released in that major version. Currently version 9.11.35 [1] is the latest, only security and critical bugs get included into this version line. We should update to the latest code before upstream stops any maintenance on this version.

Version-Release number of selected component (if applicable):
bind-9.11.26-6.el8

Additional info:

1. https://downloads.isc.org/isc/bind9/9.11.35/RELEASE-NOTES-bind-9.11.35.html

Comment 1 Petr Menšík 2021-11-01 12:13:05 UTC
Since the CVE-2021-25219 is the only change in latest release, I would include this change in a planned rebase. It would include few issue fixes not included in bind-9.11.26 current version.

1. https://downloads.isc.org/isc/bind9/9.11.36/RELEASE-NOTES-bind-9.11.36.html

Comment 3 Petr Menšík 2021-11-01 15:23:42 UTC
Including to additional upstream bugs, which should be fixed by the rebase. That excludes security bugs, which were upgraded by backported fixes. Backported patches would be removed, since fixes are already in the new original upstream archive.

Comment 4 Petr Menšík 2021-11-01 15:25:31 UTC
Release notes for the lastest release:
https://downloads.isc.org/isc/bind9/9.11.36/RELEASE-NOTES-bind-9.11.36.html

Comment 26 errata-xmlrpc 2022-05-10 15:29:44 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: bind security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:2092


Note You need to log in before you can comment on or make changes to this bug.