List of bugs in BIND 9

Following bugs are somehow important for bind-dyndb-ldap developers or users:

• Two calls to BIND’s function dns_db_getoriginnode() are fatal if there are no data at the node.
  • ISC-Bugs #35080
  • detailed description
  • Red Hat bug 1044026
  • Fixed by 161e803a5608956271d8120be37a1b383d14b647.
• Freelists in memory context consume memory indefinitely
  • ISC-Bugs #35160
  • detailed description
  • WONTFIX: There is really no way to do this without a complete redesign of isc_mem.
  • It means that we have to limit amount of small allocations artifically in our code. Otherwise we can consume gigabytes of memory which will never be returned to the operating system.
    • Workaround: see bind-dyndb-ldap commit d173eabf49b15025770b6a441a235b19b036e719
• In-line signing: raw and secure zones are getting out-of-sync
  • ISC-Bugs #36196
  • detailed description
  • waiting for reply from ISC
    • References: <RT-Ticket-36196@isc.org> <538EF176.5050302@redhat.com>
• PKCS#11 PIN is silently truncated to 32 bytes
  • ISC-Bugs #37410
  • This affects pkcs11-* utilities and also key files generated by dnssec-keyfromlabel: Login to token is refused with an error similar to “invalid PIN”.
  • Fixed by 7fbfa379e25b675ec46ae30925b4b2923a07c893, new maximum is 256 bytes.
• dns_name_fullcompare() doesn’t fill nlabelsp correctly if name pointers are equal
  • ISC-Bugs #37176
  • Fixed by a266ab205bfd1c510022e2cd2a8cb62988242593.