I can confirm that the following debian packages resolve the issue:
bind9_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb bind9utils_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libbind9-140_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libdns162_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libgssapi-krb5-2_1.15-1+deb9u1_amd64.deb libisc160_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libisccc140_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libisccfg140_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libk5crypto3_1.15-1+deb9u1_amd64.deb libkrb5-3_1.15-1+deb9u1_amd64.deb libkrb5support0_1.15-1+deb9u1_amd64.deb liblwres141_9.10.3.dfsg.P4-12.3+deb9u3_amd64.deb libssl1.0.2_1.0.2l-2+deb9u1_amd64.deb
If we could get bind9 and dependencies rebuilt with the necessary patch (from the bug, a 1-liner) that'd be splendid so that we can return to a safe chroot bind9 scenario
I can confirm that the following debian packages resolve the issue:
bind9_9. 10.3.dfsg. P4-12.3+ deb9u3_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb 140_9.10. 3.dfsg. P4-12.3+ deb9u3_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb krb5-2_ 1.15-1+ deb9u1_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb 1.15-1+ deb9u1_ amd64.deb 3_1.15- 1+deb9u1_ amd64.deb _1.15-1+ deb9u1_ amd64.deb 9.10.3. dfsg.P4- 12.3+deb9u3_ amd64.deb 0.2_1.0. 2l-2+deb9u1_ amd64.deb
bind9utils_
libbind9-
libdns162_
libgssapi-
libisc160_
libisccc140_
libisccfg140_
libk5crypto3_
libkrb5-
libkrb5support0
liblwres141_
libssl1.
If we could get bind9 and dependencies rebuilt with the necessary patch (from the bug, a 1-liner) that'd be splendid so that we can return to a safe chroot bind9 scenario