OL9: bind-dyndb-ldap needs to be rebuilt against latest bind ABI

[archset]

named on OL9 servers with LDAP backend support fails after update to latest bind and bind-dyndb-ldap packages. Bind-dyndb-ldap needs to be rebuilt against the latest bind.

Error (from journalctl -xeu named)

May 12 13:12:22 x named[213216]: ../../../lib/dns/name.c:1083: REQUIRE((__builtin_expect(!!((name) != ((void *)0)), 1) && __builtin_expect(!!(((const isc__magic_t *)(name))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n')))), 1))) failed, back trace
May 12 13:12:22 x named[213216]: #0 0x55c4459f7621 in ??
May 12 13:12:22 x named[213216]: #1 0x7f3830ee04e0 in ??
May 12 13:12:22 x named[213216]: #2 0x7f3831050e9a in ??
May 12 13:12:22 x named[213216]: #3 0x7f38203012a8 in ??
May 12 13:12:22 x named[213216]: #4 0x7f382030e96e in ??
May 12 13:12:22 x named[213216]: #5 0x7f38202c5c5a in ??
May 12 13:12:22 x named[213216]: #6 0x7f38202c69a3 in ??
May 12 13:12:22 x named[213216]: #7 0x7f382030f575 in ??
May 12 13:12:22 x named[213216]: #8 0x7f382030fa33 in ??
May 12 13:12:22 x named[213216]: #9 0x7f3830f1968a in ??
May 12 13:12:22 x named[213216]: #10 0x7f38306e2c12 in ??
May 12 13:12:22 x named[213216]: #11 0x7f3830767cc0 in ??
May 12 13:12:22 x named[213216]: exiting (due to assertion failure)
May 12 13:12:22 x systemd[1]: named.service: Main process exited, code=killed, status=6/ABRT

Current workaround is to downgrade bind to allow ABIs to match up with dyndb-ldap plugin. This is less than ideal as the latest bind patch addresses KeyTrap vulnerability CVE-2023-50868

Package details:

Name         : bind
Epoch        : 32
Version      : 9.16.23
Release      : 18.0.1.el9_4.1
Repository   : ol9_appstream

Name         : bind-dyndb-ldap
Version      : 11.9
Release      : 9.el9_4
Repository   : ol9_appstream

[YoderExMachina]

Thanks for reporting this. We have created an internal ticket to track this issue.