Ubuntu
bind9 package

Serious validation errors in Bind 9.7.0

Bug #714814 reported by Antoin Verschuren on 2011-02-07

This bug report is a duplicate of: Bug #651875: Bind 9.7.0-P1 validation errors. Edit Remove

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	bind9 (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: bind9

Ubuntu 10.04 LTS still uses Bind 9.7.0-P1 which has serious validation errors.

Please read
http://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
and
http://www.verisignlabs.com/documents/BIND-DS-Servfail.pdf

and please backport bind9 in Lucid to at least 9.7.2 before March 31.
Since Lucid is a LTS version, this version is mostly used in production systems as is, with no manual upgrades.

I've writen a simular bugreport without the detailed documentation from ISC and Verisign half a year ago:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/651875

But no action was taken.
If no action is taken before March 31, a lot of validating resolvers will get very busy, and users not able to resolve .com domains.

Antoin Verschuren (ubuntu-antoin) on 2011-02-07

visibility:

private → public

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #651875 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntubind9 package

Serious validation errors in Bind 9.7.0

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
bind9 package