-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
rhel-7-els, rhel-8.2.0.z, rhel-8.4.0.z, rhel-8.6.0.z, rhel-8.8.0.z, rhel-8.10.z, rhel-9.0.0.z, rhel-9.2.0.z, rhel-9.4.z, rhel-9.5, rhel-9.5.z
-
None
-
No
-
Moderate
-
rhel-sst-idm-ipa
-
ssg_idm
-
None
-
False
-
-
None
-
None
-
None
-
None
-
-
All
-
None
What were you trying to do that didn't work?
The CVE-2023-50387 related change in bind required a rebuild of bind-dyndb-ldap, and therefore some version combinations are no longer compatible and able to work together (would or could crash or won't start at all).
The bind-dyndb-ldap package should introduce a conflict in the spec file to prevent installing itself with incompatible bind.
Similar changes are being done in bind.
It's not an ideal fix, would only work with updated packages, may not work correctly when updating minor version, but the conflict could prevent at least some incidents.
Having this committed and ready to be shipped with upcoming fixes would be great. I don't think we have to do erratas just for this one.
Please provide the package NVR for which bug is seen:
All latest in streams supported/depending on bind-external-libs.
How reproducible:
Always
Steps to reproduce
- Downgrade bind and/or bind-dyndb-ldap
- Should downgrade bind as well as bind-dyndb-ldap
- Upgrade bind-dyndb-ldap and/or bind
- Should upgrade bind as well as bind-dyndb-ldap.