22 Pro
2025
22 Pro
'25
8:32
On 22/12/2025 00.37, Łukasz Trąbiński wrote:
After further analysis, it appears that this issue
affects a significant number of important and widely used domains, which may have a real
impact on many users.
Perhaps you'd like to share more about this analysis? From what I know
so far, practical impact needs an error on the side of the authoritative
server. (as servers are obliged to send a SOA and lower TTL wins)
Would it be possible to prepare an official release
and distribution packages that include this fix? This would greatly simplify deployment in
production environments.
Thank you in advance for your time and consideration.
Speaking of in-distribution packages, those are almost never in *our*
hands, unfortunately. Releasing and upstream packages are doable,
though honestly they seem unlikely to happen this year.
If you're impatient, I suggest the option of grabbing binary packages
from our CI. We aim to keep the master and master-5 branches in good
shape all the time. Right now, for example:
* 6.x: https://gitlab.nic.cz/knot/knot-resolver/-/pipelines/148723
* 5.x: https://gitlab.nic.cz/knot/knot-resolver/-/pipelines/148736
You just click your distro on the right, and in the artifacts you can
download binary packages tested by the CI (same recipe as for our
official upstream packages).
--Vladimir