Agreed. I would suggest doing a full bug report into an issue next time and including all the relevant details instead of piggybacking on an internal issue.
There is a subtle difference between #5570 and the issue reported below, and thus these are two distinct bugs. Ondrej -- Ondřej Surý (He/Him) [email protected] My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 4. 11. 2025, at 7:21, Petr Menšík via bind-users > <[email protected]> wrote: > > Unfortunately this is a rare moment, when Ondřej is not correct. This affects > all versions, which included fix for CVE-2025-8677. Yes, I verified also our > builds are affected. Fedora 9.18.41 contains the same problem, but OpenSSL > library does not prevent usage of 5 and 7 algorithms there. It is not visible. > > But in any case, similar reports should contain delv +vtrace output from your > side. Especially because it should be able to reproduce it on any system, > which disables RSASHA1 and RSASHA1NSEC3 algorithms. But delv tool shows wrong > behaviour only on CentOS 9 or CentOS 10 derivatives. On other systems it > seems unaffected on the first glance. > > Development version contains code modifications, which has similar problem in > a bit different place and with different fix needed. But unlike original > assumption it affects also stable versions. > > Cheers, > Petr > > On 30/10/2025 22:39, Ondřej Surý wrote: >> No, you have not been caught by this. The issue you are referring to affects >> only a development >> version of BIND 9 (9.21), so whatever you are experiencing is not related to >> this. >> >> You need to provide evidence (logs, reproducer) about what is going on, so >> we can help you >> diagnose the issue you are experiencing. >> >> Ondrej >> -- >> Ondřej Surý (He/Him) >> [email protected] >> >> My working hours and your working hours may be different. Please do not feel >> obligated to reply outside your normal working hours. > > -- > Petr Menšík > Senior Software Engineer, RHEL > Red Hat, https://www.redhat.com/ > PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list.
