[ffe] Sync pdns-recursor 4.0.0~alpha2-1 (universe) from Debian unstable (main)

Thank you for the request!

However, the upstream changes (http://anonscm.debian.org/cgit/pkg-pdns/pdns-recursor.git/commit/?h=upstream&id=8447e4990a72e278cf13522c570b27ad2a61eeae) seem substantial even besides the autotools related work. Therefore if it would be wanted to be included to Ubuntu 16.04 LTS, you would need to follow the freeze exception process to provide more information about the upgrade, as documented as https://wiki.ubuntu.com/FreezeExceptionProcess#FeatureFreeze_Exceptions

Alternatively it could be synced next month when the development for Ubuntu 16.10 opens.

Hi Timo,

I'm Pieter Lexis, one of the PowerDNS developers.

> to provide more information about the upgrade

I'll chime in on the reason for this.

In the current state, the pdns-recursor package in Xenial is not fit for production use (let alone inclusion in an LTS). Several of the issues include:

 - Configuring forwarding results in SIGABRT (fixed in https://github.com/pieterlexis/pdns/commit/88490c0365375978afea38bf352079b4fef28e17)
- RPZ and IXFR with TSIG is broken (fixed in https://github.com/pieterlexis/pdns/commit/bd051ad662f10373bb8f3e13a55cbec3f6ebc91c and https://github.com/pieterlexis/pdns/commit/f0ca9bcf2800bb31513283bbe9fa5d1e2b83dcf6)
- The cache would fill the memory with stale entries (fixed in https://github.com/rgacogne/pdns/commit/2b94bb415eb33d909e064cadea06a7c2fcea7380)

Combined with the fact that DNSSEC validation has many broken cornercases in Alpha 1 and Alpha 2 (but the Debian package has disabled the validation as per our recommendation), we believe that the package suggested is many times better than the package currently in Xenial.

We released this Alpha 2 because of the Ubuntu freeze, as Ubuntu originally pulled in the Alpha 1 from Debian Sid. We contacted devel-discuss, but got little response regarding our suggested solutions (https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2016-February/016183.html).

I hope this answers your questions regarding why we'd like a freeze exception. The only other solution (in our eyes as upstream) is to have Xenial revert to the Recursor 3.7.3, which might go EOL before Xenial does.

Best regards,

Pieter Lexis

see https://wiki.ubuntu.com/FreezeExceptionProcess on how to request a ffe, I at least subscribed the release team and added "ffe" to the title

(check the wikipage but you might want to add a diff/changes summary to the bug for eaésier review)

The buildlog

Upstream changelog

Install log

leaf package, we eventually want to converge to 4.0 final in Xenial (presumably in an SRU), and upstream recommends this too, so approved.

This bug was fixed in the package pdns-recursor - 4.0.0~alpha2-2
Sponsored for Christian Hofstaedtler (zeha)

---------------
pdns-recursor (4.0.0~alpha2-2) unstable; urgency=medium

  * Apply patch from upstream to fix build without
    boost::context, hopefully fixing missing builds on arm64, s390x.

 -- Christian Hofstaedtler <email address hidden> Mon, 28 Mar 2016 12:15:09 +0000

pdns-recursor (4.0.0~alpha2-1) unstable; urgency=medium

  * New Upstream version 4.0.0~alpha2, with autotools build system.
    (Closes: #809091)
  * Disable DNSSEC processing for this release, per upstream recommendation.

 -- Christian Hofstaedtler <email address hidden> Wed, 09 Mar 2016 15:22:59 +0000

pdns-recursor (4.0.0~alpha1-3) unstable; urgency=medium

  * Update systemd unit file from upstream
  * Drop pdns-recursor-dbg in favor of automated dbgsym packages
  * Disable secpoll by default
  * Use root hints from dns-root-data package (Closes: #760470)
  * Drop Build-Depends: quilt, as we just rely on dpkg-source
  * Increase LimitNOFILE to a size suitable for default mthreads

 -- Christian Hofstaedtler <email address hidden> Thu, 25 Feb 2016 00:02:07 +0000