bind9: merge with debian's 9.10.3.dfsg.P4-12.6

Bug #1712920 reported by Andreas Hasenack on 2017-08-24
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
bind9 (Ubuntu)
Low
Andreas Hasenack

Bug Description

bind9 (1:9.10.3.dfsg.P4-12.6) unstable; urgency=medium

  * Non-maintainer upload.
  * Import upcoming DNSSEC KSK-2017 from 9.10.5 (Closes: #860794)

 -- Bernhard Schmidt <email address hidden> Fri, 11 Aug 2017 19:10:07 +0200

From the bug:
"""
Hi,

ICANN will roll the DNSSEC root zone KSK in October 2017. DNSSEC-enabled
resolvers will then stop working unless they have the new key configured
to be trusted (note that in the default configuration a running BIND will
learn and store the new key using RFC5011 (managed-keys), but a new
installation will be broken).

The patch attached is generated by diffing ./bind.keys{.h} from BIND 9.10.3-P4
to BIND 9.10.5, where the changelog reads

4564. [maint] Update the built in managed keys to include the
                        upcoming root KSK. [RT #44579]

Another way would be Bug#760459, but this will probably be too intrusive for
jessie and stretch.
"""

CVE References

Changed in bind9 (Ubuntu):
importance: Undecided → Low
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind9 - 1:9.10.3.dfsg.P4-12.6ubuntu1

---------------
bind9 (1:9.10.3.dfsg.P4-12.6ubuntu1) artful; urgency=medium

  * Merge with Debian unstable (LP: #1712920). Remaining changes:
    - Add RemainAfterExit to bind9-resolvconf unit configuration file
      (LP #1536181).
    - rules: Fix path to libsofthsm2.so. (LP #1685780)
    - d/p/CVE-2016-8864-regression-test.patch: tests for the regression
      introduced with the CVE-2016-8864.patch and fixed in
      CVE-2016-8864-regression.patch.
    - d/p/CVE-2016-8864-regression2-test.patch: tests for the second
      regression (RT #44318) introduced with the CVE-2016-8864.patch
      and fixed in CVE-2016-8864-regression2.patch.
    - d/control, d/rules: add json support for the statistics channels.
      (LP #1669193)

bind9 (1:9.10.3.dfsg.P4-12.6) unstable; urgency=medium

  * Non-maintainer upload.
  * Import upcoming DNSSEC KSK-2017 from 9.10.5 (Closes: #860794)

 -- Andreas Hasenack <email address hidden> Thu, 24 Aug 2017 18:28:00 -0300

Changed in bind9 (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers